The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.
References
Configurations
History
No history.
Information
Published : 2014-12-02 16:59
Updated : 2024-02-04 18:35
NVD link : CVE-2014-8874
Mitre link : CVE-2014-8874
CVE.ORG link : CVE-2014-8874
JSON object : View
Products Affected
kennziffer
- ke_questionnaire
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor