Mass Assignment Vulnerability in TYPO3 Extension Table Administration Library

Mass Assignment Vulnerability in TYPO3 Extension Table Administration Library

CVE-2013-7080 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."

Learn more about our User Device Pen Test.