Business information leak In typo3/cms-core
Description
TYPO3 Disclosure of Information about Installed Extensions It has been discovered that mechanisms used for configuration of RequireJS package loading are susceptible to information disclosure. This way a potential attack can retrieve additional information about installed system and third party extensions.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 packagist | 8.7.23, 9.5.4 |
Aliases
1.
References
1. 2. 3. 4.