CVE-2014-8328
03.02.2020, 14:15
The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the update check request.Enginsight
| Vendor | Product | Version |
|---|---|---|
| dynamic_content_elements_project | dynamic_content_elements | 0.7.0 ≤ 𝑥 ≤ 0.7.5 |
| dynamic_content_elements_project | dynamic_content_elements | 0.8.0 ≤ 𝑥 ≤ 0.8.6 |
| dynamic_content_elements_project | dynamic_content_elements | 0.9.0 ≤ 𝑥 ≤ 0.9.4 |
| dynamic_content_elements_project | dynamic_content_elements | 0.10.0 ≤ 𝑥 ≤ 0.10.2 |
| dynamic_content_elements_project | dynamic_content_elements | 0.11.0 ≤ 𝑥 < 0.11.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References