CVE-2011-4900
published 2019-11-06CVE-2011-4900: TYPO3 before 4.5.4 allows Information Disclosure in the backend.
PriorityP431medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.95%
56.9th percentile
TYPO3 before 4.5.4 allows Information Disclosure in the backend.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| typo3 | cms | >= 0 < 4.5.4 | 4.5.4 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | >= 4.5.0 < 4.5.4 | 4.5.4 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Typo3 Information Disclosure
osv·2022-04-22
CVE-2011-4900 [MEDIUM] Typo3 Information Disclosure
Typo3 Information Disclosure
TYPO3 before 4.5.4 allows Information Disclosure in the backend.
GHSA
Typo3 Information Disclosure
ghsa·2022-04-22
CVE-2011-4900 [MEDIUM] CWE-200 Typo3 Information Disclosure
Typo3 Information Disclosure
TYPO3 before 4.5.4 allows Information Disclosure in the backend.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-11-06
Published