CVE-2014-3944: Improper Authentication

June 3, 2014 (updated June 4, 2014)

The Authentication component in TYPO3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.

References

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

Code Behaviors & Features

Detect and mitigate CVE-2014-3944 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →