Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
TYPO3 Insertion of Sensitive Information into Log File Vulnerability - CVE-2021-32767 - Vulnerability Database
TYPO3

TYPO3 Insertion of Sensitive Information into Log File Vulnerability - CVE-2021-32767

Medium
Reference: CVE-2021-32767
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-32767
Title: TYPO3 Insertion of Sensitive Information into Log File Vulnerability
Overview:

TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27 10.0.0 through 10.4.17 and 11.0.0 through 11.3.0 user credentials may been logged as plain-text. This occurs when explicitly using log level debug which is not the default configuration. TYPO3 versions 9.5.28 10.4.18 11.3.1 contain a patch for this vulnerability.