Bug #22030
Updated by Helmut Hummel over 8 years ago
Knowing a salted hashed password is sufficient to authenticate a Frontend user when using the activated system extension saltedpassword in the frontend.

Copy a salted hashed password from a FE user record.
Make a login attempt with the username and this copied salted password hash.

Due to regularly dealing with SQL injection issues, we obviously want to prevent such bypassing.

Reported by Sven Haertwig
Vulnerable TYPO3 Core versions: 4.3.0, 4.3.1
TYPO3 Security OTRS X-Reference: #2010013010000011

(issue imported from #M13372)