Description
The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 allows remote attackers to bypass authentication via unspecified vectors.
References (4)
Core 4
Core References
Patch x_refsource_confirm
http://typo3.org/extensions/repository/view/t3sec_saltedpw/0.2.13/
Patch, Vendor Advisory x_refsource_confirm
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38992
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38799
Scores
EPSS
0.0038
EPSS Percentile
59.8%
Details
CWE
CWE-287
Status
published
Products (6)
marcus_krause/t3sec_saltedpw
0.2.8
marcus_krause/t3sec_saltedpw
0.2.9
marcus_krause/t3sec_saltedpw
0.2.10
marcus_krause/t3sec_saltedpw
0.2.11
marcus_krause/t3sec_saltedpw
< 0.2.12
typo3/cms-saltedpasswords
0 - 0.2.13Packagist
Published
Mar 19, 2010
Tracked Since
Feb 18, 2026