Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2014-3946 - Vulnerability Database
TYPO3

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2014-3946

Medium
Reference: CVE-2014-3946
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3946
Title: TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions which allows remote authenticated users to read arbitrary queries via unspecified vectors.