Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| typo3/cms-extbase(Packagist) | 0 | 6.2.24 | N/A |
| typo3/cms-extbase(Packagist) | 7.0 | 7.6.8 | N/A |
| typo3/cms-extbase(Packagist) | N/A | N/A | N/A |
CVSS Metrics
