Arbitrary HMAC Signature Generation Vulnerability in TYPO3 Form Content Element

Arbitrary HMAC Signature Generation Vulnerability in TYPO3 Form Content Element

CVE-2013-7081 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:N

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.