Input validation error in TYPO3 - CVE-2010-3667
Published: November 4, 2019 / Updated: July 17, 2020
Vulnerability identifier: #VU30715
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2010-3667
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: TYPO3
Affected software:
TYPO3
TYPO3
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.
How to mitigate CVE-2010-3667
Install update from vendor's website.