CVE-2012-1083

Published: Feb 14, 2012Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Affected (1)

Products: Typo3: Terminal

Typo3

1 product

Terminal

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Typo3 Terminal	Up to 0.3.2

Running on/with	Platform Versions
Typo3 Typo3	All versions

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (6)

http://osvdb.org/78797

Source: cve@mitre.org

http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/51849

Source: cve@mitre.org

http://osvdb.org/78797

Source: af854a3a-2127-422b-91ae-364da2661108

http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/51849

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.