Bug #22030

Updated by Helmut Hummel over 8 years ago

Knowing a salted hashed password is sufficient to authenticate a Frontend user when using the activated system extension saltedpassword in the frontend.

 

 Copy a salted hashed password from a FE user record. Make a login attempt with username and this copied salted password hash. 

 Due to regularly dealing with SQL Injection issues, we obviously want to prevent such bypassing.

 

 Reported by Sven Haertwig 

 Vulnerable TYPO3 Core versions: 4.3.0, 4.3.1 

 TYPO3 Security OTRS X-Reference: #2010013010000011 
 
 (issue imported from #M13372)
