Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2024-34537
Good to know:
Date: October 27, 2024
TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, and 13.3.1.
Language: PHP
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Top Fix
Upgrade Version
Upgrade to version typo3/cms-backend - v10.4.21;typo3/cms-backend - 13.3.x-dev;typo3/cms-backend - v10.4.24;typo3/cms-backend - v11.5.2;typo3/cms-backend - v13.3.1;typo3/cms-backend - v10.1.0;typo3/cms-backend - v10.4.18;typo3/cms-backend - v11.4.0;typo3/cms-backend - v11.5.6;typo3/cms-backend - v10.4.13;typo3/cms-backend - v11.5.4;typo3/cms-backend - v11.5.40;typo3/cms-backend - v11.5.36;typo3/cms-backend - 11.3.x-dev;typo3/cms-backend - v12.4.21;typo3/cms - v10.4.22;typo3/cms - v10.4.13;typo3/cms - v13.3.1;typo3/cms - dev-l10n_13.4;typo3/cms - v10.4.24;typo3/cms - v12.4.21;typo3/cms - v10.4.18;typo3/cms - 13.3.x-dev;typo3/cms - dev-l10n_master;typo3/cms - v11.5.40;typo3-pagemodule/page - no_fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | HIGH |
| User Interaction (UI): | NONE |
| Scope (S): | UNCHANGED |
| Confidentiality (C): | NONE |
| Integrity (I): | NONE |
| Availability (A): | HIGH |