← Back

CVE-2016-5091

nvd nist
Published: Jan 23, 2017Modified: May 13, 2026

JSON object

Loading...
8.1
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 / Impact: 5.9
Source: NVD

Description

Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.

Affected (19)

Products: Typo3: Typo3
Typo3
1 product
Typo3
Configuration A
19 vulnerable
Vulnerable SoftwareAffected Versions
Typo3
Typo3
Up to 6.2.23
Typo3
Version 7.0.0
Typo3
Version 7.0.2
Typo3
Version 7.1.0
Typo3
Version 7.2.0
Typo3
Version 7.3.0
Typo3
Version 7.3.1
Typo3
Version 7.4.0
Typo3
Version 7.5.0
Typo3
Version 7.6.0
Typo3
Version 7.6.1
Typo3
Version 7.6.2
Typo3
Version 7.6.3
Typo3
Version 7.6.4
Typo3
Version 7.6.5
Typo3
Version 7.6.6
Typo3
Version 7.6.7
Typo3
Version 7.6.8
Typo3
Version 8.1.1

Related CWEs

CWE-254
CWE-254

References (6)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.