Medium severity6.5NVD Advisory· Published Nov 5, 2019· Updated Jun 16, 2026
CVE-2010-3671
CVE-2010-3671
Description
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
typo3/cms-installPackagist | < 4.1.14 | 4.1.14 |
typo3/cms-installPackagist | >= 4.2.0, < 4.2.13 | 4.2.13 |
typo3/cms-installPackagist | >= 4.3.0, < 4.3.4 | 4.3.4 |
typo3/cms-installPackagist | >= 4.4.0, < 4.4.1 | 4.4.1 |
Affected products
2- TYPO3/TYPO3description
Patches
Vulnerability mechanics
References
9- bugs.debian.org/cgi-bin/bugreport.cginvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-gqmh-5xmq-3fhgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2010-3671ghsaADVISORY
- security-tracker.debian.org/tracker/CVE-2010-3671nvdThird Party AdvisoryWEB
- typo3.org/security/advisory/typo3-sa-2010-012/nvdVendor AdvisoryWEB
- github.com/TYPO3/typo3/commit/199cc2d53747d76657d7aab612c6b3f728d0f15dghsaWEB
- github.com/TYPO3/typo3/commit/1d649976e1f1bda684cdc7120e9f74a543059181ghsaWEB
- github.com/TYPO3/typo3/commit/d3577c8e2c49122c4ab5955c70688ee441d06f23ghsaWEB
- github.com/TYPO3/typo3/commit/ef3676281b0346644041a93fcbaa7bd9844bbbc5ghsaWEB
News mentions
0No linked articles in our index yet.