GHSA-rjrq-93hp-22ww
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rjrq-93hp-22ww
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rjrq-93hp-22ww/GHSA-rjrq-93hp-22ww.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-rjrq-93hp-22ww
- Aliases
-
- CVE-2009-1264
- Published
- 2022-05-02T03:23:15Z
- Modified
- 2025-04-10T01:42:10.247799Z
- Severity
-
- 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Frontend User Registration extension for TYPO3 does not properly verify access rights
- Details
-
Frontend User Registration (srfeuserregister) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
- Database specific
{ "nvd_published_at": "2009-04-07T23:30:00Z", "cwe_ids": [ "CWE-284" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-04-10T01:15:25Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2009-1264
- https://github.com/TYPO3-extensions/sr_feuser_register
- https://web.archive.org/web/20090527190538/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004
- https://web.archive.org/web/20200228205603/http://www.securityfocus.com/bid/34374
- http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21
Affected packages
Packagist / sjbr/sr-feuser-register
Package
- Name
- sjbr/sr-feuser-register
- Purl
- pkg:composer/sjbr/sr-feuser-register