CVE-2014-8874

TYPO3 ke_questionnaire <2.5.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.

References (3)

Core 3
Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/1
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534126/100/0/threaded

Scores

EPSS 0.0148
EPSS Percentile 70.8%

Details

CWE
CWE-200
Status published
Products (1)
kennziffer/ke_questionnaire < 2.5.2
Published Dec 02, 2014
Tracked Since Feb 18, 2026