GHSA-m646-h2pw-56h4
Suggest an improvement- Source
- https://github.com/advisories/GHSA-m646-h2pw-56h4
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-m646-h2pw-56h4/GHSA-m646-h2pw-56h4.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-m646-h2pw-56h4
- Aliases
-
- CVE-2012-5890
- Published
- 2022-05-17T01:38:29Z
- Modified
- 2025-04-12T03:42:16.516247Z
- Severity
-
- 6.6 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U CVSS Calculator
- Summary
- Front End User Registration (sr_feuser_register) extension for TYPO3 allows remote attackers to obtain user names, passwords
- Details
-
The Front End User Registration (srfeuserregister) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.
- Database specific
{ "nvd_published_at": "2012-11-17T21:55:00Z", "cwe_ids": [ "CWE-200" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2025-04-12T03:06:33Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2012-5890
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80145
- https://github.com/TYPO3-extensions/sr_feuser_register
- https://web.archive.org/web/20120715071728/http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002
- http://forge.typo3.org/projects/extension-sr_feuser_register/repository/entry/trunk/ChangeLog
- http://forge.typo3.org/projects/extension-sr_feuser_register/repository/revisions/58720
Affected packages
Packagist / sjbr/sr-feuser-register
Package
- Name
- sjbr/sr-feuser-register
- Purl
- pkg:composer/sjbr/sr-feuser-register