CVE-2013-1843
TYPO3 4.5.x-4.6.x, 4.7.x-4.7.8, 6.0.x-6.0.2 - Open Redirect via Access Tracking Mechanism
Title source: llmDescription
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References (8)
Core 8
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-03/msg00079.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/52638
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/90924
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/52433
Vendor Advisory x_refsource_confirm
http://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core/
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/03/12/3
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2646
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/58330
Scores
EPSS
0.0063
EPSS Percentile
70.6%
Details
CWE
CWE-399
Status
published
Products (50)
typo3/cms-core
4.5.0 - 4.5.24Packagist
typo3/typo3
4.5
typo3/typo3
4.5.0
typo3/typo3
4.5.1
typo3/typo3
4.5.2
typo3/typo3
4.5.3
typo3/typo3
4.5.4
typo3/typo3
4.5.5
typo3/typo3
4.5.6
typo3/typo3
4.5.7
... and 40 more
Published
Mar 20, 2013
Tracked Since
Feb 18, 2026