Skip to content

Security fixes for Information Disclosure and Broken Access Control in Backend Module
Compare
Choose a tag to compare
@derhansen derhansen released this 02 Sep 07:06
5.1.1
17edcbf
This commit was signed with the committer’s verified signature.
derhansen Torben Hansen
GPG key ID: 37CF88CB71EB2ECF
Verified
Learn about vigilant mode.
  • Event access is checked for all actions with event parameters
  • List view checks if current PID is in users webmount
  • EventRepository considers int value 0 as constraint for storagePage restrictions

External Reference: https://typo3.org/security/advisory/typo3-ext-sa-2020-017

Assets 2
Loading