Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Typo3 | Typo3 | * | 6.2.23 (including) |
| Typo3 | Typo3 | 7.0.0 (including) | 7.0.0 (including) |
| Typo3 | Typo3 | 7.0.2 (including) | 7.0.2 (including) |
| Typo3 | Typo3 | 7.1.0 (including) | 7.1.0 (including) |
| Typo3 | Typo3 | 7.2.0 (including) | 7.2.0 (including) |
| Typo3 | Typo3 | 7.3.0 (including) | 7.3.0 (including) |
| Typo3 | Typo3 | 7.3.1 (including) | 7.3.1 (including) |
| Typo3 | Typo3 | 7.4.0 (including) | 7.4.0 (including) |
| Typo3 | Typo3 | 7.5.0 (including) | 7.5.0 (including) |
| Typo3 | Typo3 | 7.6.0 (including) | 7.6.0 (including) |
| Typo3 | Typo3 | 7.6.1 (including) | 7.6.1 (including) |
| Typo3 | Typo3 | 7.6.2 (including) | 7.6.2 (including) |
| Typo3 | Typo3 | 7.6.3 (including) | 7.6.3 (including) |
| Typo3 | Typo3 | 7.6.4 (including) | 7.6.4 (including) |
| Typo3 | Typo3 | 7.6.5 (including) | 7.6.5 (including) |
| Typo3 | Typo3 | 7.6.6 (including) | 7.6.6 (including) |
| Typo3 | Typo3 | 7.6.7 (including) | 7.6.7 (including) |
| Typo3 | Typo3 | 7.6.8 (including) | 7.6.8 (including) |
| Typo3 | Typo3 | 8.1.1 (including) | 8.1.1 (including) |
| Typo3-src | Ubuntu | precise | * |
| Typo3-src | Ubuntu | trusty | * |