Home > Vulnerability Database > WS-2018-0044

Mend.io Vulnerability Database

WS-2018-0044

Good to know:

Date: September 5, 2017

Information Disclosure vulnerability in TYPO3 7.6.x before 7.6.22 and 8.0.x before 8.7.5. HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called endpoint.

Language: PHP

Severity Score

5.3

Related Resources (3)

Url: https://github.com/TYPO3/TYPO3.CMS/commit/2c6228c5ab06590a7e584e543f5b3b1887268577

Url: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/

Url: https://www.mend.io/vulnerability-database/WS-2018-0044

Severity Score

5.3

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Top Fix

Upgrade Version

Upgrade to version TYPO3_7-6-22,TYPO3_8-7-5

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2018-0044

Good to know:

Date: September 5, 2017

Language: PHP

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?