Typo3 : extension – White Papers vulnerabilities

February 7, 2012 By

This extension is highly vulnerable. Please read full alert.


Information At A Glance
  • Source – Typo3.org
  • Version/Dependency – 0.0.4 and all previous versions
  • Developer – n/a
  • Severity – Critical
Summary
The extension White Papers (mm_whtppr) is vulnerable to SQL Injection.
Fix / Corrective Action(s)
Per the TYPO3 Bulletin: “Versions of this extension that are known to be vulnerable will no longer be available for download from the TYPO3 Extension Repository. The extension author failed in providing a security fix for the reported vulnerability in a decent amount of time. Please uninstall and delete the extension folder from your installation.”
Miscellaneous
Credit: Alexander Kellner

Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC. – as of 02/07/2012
Filed Under: CMS, Latest SalvusAlerts, Typo3