Skip to main content

Routes

1 CVEs product

Monthly

CVE-2021-36793 PHP HIGH PATCH This Week

The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Routes
NVD
CVSS 3.1
7.5
EPSS
1.0%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Routes
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy