TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability has been addressed in versions 8.7.55, 9.5.44, 10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-11-14T19:26:07.849Z

Updated: 2024-08-29T20:42:22.685Z

Reserved: 2023-10-30T19:57:51.677Z

Link: CVE-2023-47127

cve-icon Vulnrichment

Updated: 2024-08-02T21:01:22.883Z

cve-icon NVD

Status : Modified

Published: 2023-11-14T20:15:08.230

Modified: 2024-11-21T08:29:50.073

Link: CVE-2023-47127

cve-icon Redhat

No data.