Required CVE Record Information
Description
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.
References 3 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- seclists.org: 20141201 [RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire mailing-listx_transferred
- https://www.redteam-pentesting.de/advisories/rt-sa-2014-009 x_transferred
- securityfocus.com: 20141201 [RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire mailing-listx_transferred