Security Advisory

CVE-2020-28917

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-18 08:16:34
Last updated 2024-08-04 16:40:59
Assigner mitre
State PUBLISHED

Description

An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data (e.g., cleartext passwords if ext:felogin is installed) may be saved.