CVE-2013-7081

NameCVE-2013-7081
DescriptionThe (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2834-1
Debian Bugs731999

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
typo3-srcsourcesqueeze4.3.9+dfsg1-1+squeeze9DSA-2834-1
typo3-srcsourcewheezy4.5.19+dfsg1-5+wheezy2DSA-2834-1
typo3-srcsource(unstable)4.5.32+dfsg1-1731999

Notes

https://review.typo3.org/#/c/26182/
Search for package or bug name: Reporting problems