CVE-2010-1022

TYPO3 <0.2.13 - Auth Bypass

Title source: llm

Description

The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 allows remote attackers to bypass authentication via unspecified vectors.

References (4)

[Vendor Advisory] http://secunia.com/advisories/38992

[Patch] http://typo3.org/extensions/repository/view/t3sec_saltedpw/0.2.13/

[Patch, Vendor Advisory] http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/38799

Scores

EPSS 0.0038

EPSS Percentile 59.3%

Classification

CWE

CWE-287

Status draft

Affected Products (6)

marcus_krause/t3sec_saltedpw < 0.2.12

marcus_krause/t3sec_saltedpw

typo3/cms-saltedpasswords < 0.2.13Packagist

Timeline

Published Mar 19, 2010

Tracked Since Feb 18, 2026