CVE-2012-3529
published 2012-09-05CVE-2012-3529: The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to…
PriorityP415low3.5CVSS 2.0
AVNACMAuSCPINAN
EPSS
0.84%
53.2th percentile
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
Affected
41 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 4.5 < 4.5.19 | 4.5.19 |
| typo3 | cms | >= 4.6 < 4.6.12 | 4.6.12 |
| typo3 | cms | >= 4.7 < 4.7.4 | 4.7.4 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Typo3 Backend Configuration XSS Vulnerability
osv·2022-05-17
CVE-2012-3529 [LOW] Typo3 Backend Configuration XSS Vulnerability
Typo3 Backend Configuration XSS Vulnerability
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
GHSA
Typo3 Backend Configuration XSS Vulnerability
ghsa·2022-05-17
CVE-2012-3529 [LOW] CWE-200 Typo3 Backend Configuration XSS Vulnerability
Typo3 Backend Configuration XSS Vulnerability
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/84775http://secunia.com/advisories/50287http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/http://www.debian.org/security/2012/dsa-2537http://www.openwall.com/lists/oss-security/2012/08/22/8https://exchange.xforce.ibmcloud.com/vulnerabilities/77793http://osvdb.org/84775http://secunia.com/advisories/50287http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/http://www.debian.org/security/2012/dsa-2537http://www.openwall.com/lists/oss-security/2012/08/22/8https://exchange.xforce.ibmcloud.com/vulnerabilities/77793
2012-09-05
Published