CVE-2013-7081
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - HMAC Signature Bypass
Title source: llmDescription
The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2013/q4/473
Vendor Advisory x_refsource_confirm
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-2834
Scores
EPSS
0.0017
EPSS Percentile
38.0%
Details
CWE
CWE-264
Status
published
Products (50)
typo3/cms-core
4.5.0 - 4.5.31Packagist
typo3/typo3
6.0
typo3/typo3
6.0.1
typo3/typo3
6.0.2
typo3/typo3
6.0.3
typo3/typo3
6.0.4
typo3/typo3
6.0.5
typo3/typo3
6.0.6
typo3/typo3
6.0.7
typo3/typo3
6.0.8
... and 40 more
Published
Dec 23, 2013
Tracked Since
Feb 18, 2026