Moderate severityNVD Advisory· Published Aug 13, 2021· Updated Aug 4, 2024
CVE-2021-36793
CVE-2021-36793
Description
The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
lms/routesPackagist | < 2.1.1 | 2.1.1 |
Affected products
2- TYPO3/routesdescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-vpw5-grxx-v396ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-36793ghsaADVISORY
- typo3.org/help/security-advisories/securitymitrex_refsource_MISC
- typo3.org/security/advisory/typo3-ext-sa-2021-008ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.