Typo3 : Security vulnerabilities, CVEs published in March 2017

CVE-2017-6370

TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields.

Max CVSS

5.3

EPSS Score

0.23%

Published

2017-03-17

Updated

2019-10-03

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Typo3 : Security Vulnerabilities, CVEs, Published In March 2017

CVE-2017-6370