CVE-2013-1843
published 2013-03-20CVE-2013-1843: Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3…
PriorityP424medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EPSS
2.42%
82.1th percentile
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Affected
58 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms-core | >= 4.5.0 < 4.5.24 | 4.5.24 |
| typo3 | cms-core | >= 4.6.0 < 4.6.17 | 4.6.17 |
| typo3 | cms-core | >= 4.7.0 < 4.7.9 | 4.7.9 |
| typo3 | cms-core | >= 6.0.0 < 6.0.3 | 6.0.3 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
TYPO3 Open redirect vulnerability in the Access tracking mechanism
ghsa·2022-05-17
CVE-2013-1843 [MEDIUM] CWE-601 TYPO3 Open redirect vulnerability in the Access tracking mechanism
TYPO3 Open redirect vulnerability in the Access tracking mechanism
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
OSV
TYPO3 Open redirect vulnerability in the Access tracking mechanism
osv·2022-05-17
CVE-2013-1843 [MEDIUM] TYPO3 Open redirect vulnerability in the Access tracking mechanism
TYPO3 Open redirect vulnerability in the Access tracking mechanism
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-updates/2013-03/msg00079.htmlhttp://secunia.com/advisories/52433http://secunia.com/advisories/52638http://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core/http://www.debian.org/security/2013/dsa-2646http://www.openwall.com/lists/oss-security/2013/03/12/3http://www.osvdb.org/90924http://www.securityfocus.com/bid/58330http://lists.opensuse.org/opensuse-updates/2013-03/msg00079.htmlhttp://secunia.com/advisories/52433http://secunia.com/advisories/52638http://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core/http://www.debian.org/security/2013/dsa-2646http://www.openwall.com/lists/oss-security/2013/03/12/3http://www.osvdb.org/90924http://www.securityfocus.com/bid/58330
2013-03-20
Published