Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS04MzhjLXY1Y3EtaHAzM84AAcSK
TYPO3 OpenID extension Open redirect vulnerability
Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Permalink: https://github.com/advisories/GHSA-838c-v5cq-hp33JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04MzhjLXY1Y3EtaHAzM84AAcSK
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 2 years ago
Updated: 9 months ago
Identifiers: GHSA-838c-v5cq-hp33, CVE-2013-7079
References:
- https://nvd.nist.gov/vuln/detail/CVE-2013-7079
- http://seclists.org/oss-sec/2013/q4/473
- http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
- http://www.debian.org/security/2014/dsa-2834
- http://www.securityfocus.com/bid/64252
- https://github.com/advisories/GHSA-838c-v5cq-hp33
Affected Packages
packagist:friendsoftypo3/openid
Dependent packages: 0Dependent repositories: 0
Downloads: 64,762 total
Affected Version Ranges: >= 6.1.0, < 6.1.6, >= 6.0.0, < 6.0.11, >= 4.7.0, < 4.7.16, >= 4.5.0, < 4.5.31
Fixed in: 6.1.6, 6.0.11, 4.7.16, 4.5.31
All affected versions:
All unaffected versions: 7.6.1, 7.6.3, 7.6.4, 8.0.0, 8.0.1, 8.0.2, 8.1.0, 8.1.1, 10.0.0, 10.0.1, 10.1.0, 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, 12.0.0, 12.0.1, 12.0.2