vulnerability

Ubuntu: (CVE-2011-4904): typo3-src vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Nov 6, 2019

Added

Nov 19, 2024

Modified

Mar 27, 2026

Description

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.

Solution

ubuntu-upgrade-typo3-src

References

CVE-2011-4904
https://attackerkb.com/topics/CVE-2011-4904
CWE-20
EUVD-EUVD-2022-1811
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-1811
https://www.cve.org/CVERecord?id=CVE-2011-4904

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report