TYPO3 OpenID Extension Open Redirection Vulnerability

TYPO3 is prone to an open-redirection vulnerability.

An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.

This issue is fixed in TYPO3 4.5.32, 4.7.17, 6.0.12, and 6.1.7


 

Privacy Statement
Copyright 2010, SecurityFocus