GHSA-wp8j-c736-c5r3 – typo3/cms

Package

Manager: composer
Name: typo3/cms
Vulnerable Version: >=6.2.0 <6.2.14 || >=7.0.0 <7.3.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: N/A pctlN/A

Details

TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors It has been discovered that link tags generated by typolink functionality in the website's frontend are vulnerable to cross-site scripting - values being assigned to HTML attributes have not been parsed correctly. A valid backend user account is needed to exploit this vulnerability. As second and separate vulnerability in the filelist module of the backend user interface has been referenced with this advisory as well. Error messages being shown after using a malicious name for renaming a file are not propery encoded, thus vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability.

Metadata

Created: 2024-05-30T21:06:13Z
Modified: 2024-05-30T21:06:59Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-wp8j-c736-c5r3/GHSA-wp8j-c736-c5r3.json
CWE IDs: ["CWE-79"]
Alternative ID: N/A
Finding: F008
Auto approve: 1