CVE-2012-5890
sr_feuser_register < 2.6.2 - Exposure of Sensitive Information via Edit Perspective or Autologin Feature
Title source: llmDescription
The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/80145
Various Sources x_refsource_confirm
http://forge.typo3.org/projects/extension-sr_feuser_register/repository/revisions/58720
Patch, Vendor Advisory x_refsource_misc
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002/
Various Sources x_refsource_confirm
http://forge.typo3.org/projects/extension-sr_feuser_register/repository/entry/trunk/ChangeLog
Scores
EPSS
0.0137
EPSS Percentile
68.6%
Details
CWE
CWE-200
Status
published
Products (35)
sjbr/sr-feuser-register
0 - 2.6.2Packagist
stanislas_rolland/sr_feuser_register
1.4.7
stanislas_rolland/sr_feuser_register
1.6.5
stanislas_rolland/sr_feuser_register
1.6.6
stanislas_rolland/sr_feuser_register
1.6.7
stanislas_rolland/sr_feuser_register
1.6.8
stanislas_rolland/sr_feuser_register
2.0.0
stanislas_rolland/sr_feuser_register
2.1.0
stanislas_rolland/sr_feuser_register
2.2.0
stanislas_rolland/sr_feuser_register
2.2.1
... and 25 more
Published
Nov 17, 2012
Tracked Since
Feb 18, 2026