CVE-2013-7079
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - Open Redirect in OpenID Extension
Title source: llmDescription
Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References (4)
Core 4
Core References
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2013/q4/473
Vendor Advisory x_refsource_confirm
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/64252
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-2834
Scores
EPSS
0.0029
EPSS Percentile
52.0%
Details
CWE
CWE-20
Status
published
Products (50)
friendsoftypo3/openid
4.5.0 - 4.5.31Packagist
typo3/typo3
4.5.0
typo3/typo3
4.5.1
typo3/typo3
4.5.2
typo3/typo3
4.5.3
typo3/typo3
4.5.4
typo3/typo3
4.5.5
typo3/typo3
4.5.6
typo3/typo3
4.5.7
typo3/typo3
4.5.8
... and 40 more
Published
Dec 23, 2013
Tracked Since
Feb 18, 2026