What is CVE-2009-0815?

CVE-2009-0815 is a vulnerability in N/a. Published 2009-03-05.

Is CVE-2009-0815 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-0815

The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitra…

EPSS: 0.528 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

[oss-security] 20090210 CVE request: typo3 xss (typo3-sa-2009-002) (mailing-list, x_refsource_MLIST)
DSA-1720 (vendor-advisory, x_refsource_DEBIAN)
1021710 (vdb-entry, x_refsource_SECTRACK)
typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2009-0815?: CVE-2009-0815 is a vulnerability in N/a. Published 2009-03-05.
Is CVE-2009-0815 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.