Candidate: CVE-2010-3716
PublicDate: 2010-10-25 20:01:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3716
Description:
 The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before
 4.3.7 allows remote authenticated users to gain privileges via a crafted
 POST request that creates a user account with arbitrary group memberships.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_typo3-src:
upstream_typo3-src: released (4.3.7)
dapper_typo3-src: ignored (reached end-of-life)
hardy_typo3-src: ignored (reached end-of-life)
jaunty_typo3-src: ignored (reached end-of-life)
karmic_typo3-src: ignored (reached end-of-life)
lucid_typo3-src: ignored (reached end-of-life)
maverick_typo3-src: ignored (reached end-of-life)
natty_typo3-src: not-affected (4.3.8-1)
oneiric_typo3-src: not-affected (4.3.8-1)
precise_typo3-src: not-affected (4.3.8-1)
quantal_typo3-src: not-affected (4.3.8-1)
raring_typo3-src: not-affected (4.3.8-1)
saucy_typo3-src: not-affected (4.3.8-1)
devel_typo3-src: not-affected (4.3.8-1)