ID de Prueba:	1.3.6.1.4.1.25623.1.0.804464
Categoría:	Web application abuses
Título:	TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2014-001)
Resumen:	TYPO3 is prone to multiple vulnerabilities.
Descripción:	Summary: TYPO3 is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to: - Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. - Failing to properly encode user input, several backend components are susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or JavaScript by crafting URL parameters. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct host spoofing and cross-site scripting attacks. Affected Software/OS: TYPO3 versions 4.5.0 through 4.5.33, 4.7.0 through 4.7.18, 6.0.0 through 6.0.13, 6.1.0 through 6.1.8 and 6.2.0 through 6.2.2. Solution: Update to version 4.5.34, 4.7.19, 6.0.14, 6.1.9, 6.2.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3941 Debian Security Information: DSA-2942 (Google Search) http://www.debian.org/security/2014/dsa-2942 http://www.openwall.com/lists/oss-security/2014/06/03/2 SuSE Security Announcement: openSUSE-SU-2014:0813 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html SuSE Security Announcement: openSUSE-SU-2016:2025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html SuSE Security Announcement: openSUSE-SU-2016:2114 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3943 BugTraq ID: 67625 http://www.securityfocus.com/bid/67625
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.