GHSA-hww5-6x85-mc24
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hww5-6x85-mc24
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-hww5-6x85-mc24/GHSA-hww5-6x85-mc24.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-hww5-6x85-mc24
- Published
- 2024-06-05T17:19:26Z
- Modified
- 2024-12-02T05:31:10.307050Z
- Summary
- Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend API
- Details
-
Backend API configuration using Page TSconfig is vulnerable to arbitrary code execution and cross-site scripting. TSconfig fields of page properties in backend forms can be used to inject malicious sequences. Field tsconfig_includes is vulnerable to directory traversal leading to same scenarios as having direct access to TSconfig settings.
A valid backend user account having access to modify values for fields pages.TSconfig and pages.tsconfig_includes is needed in order to exploit this vulnerability.
- Database specific
{ "github_reviewed": true, "github_reviewed_at": "2024-06-05T17:19:26Z", "severity": "MODERATE", "nvd_published_at": null, "cwe_ids": [] }- References
Affected packages
Packagist / typo3/cms
Package
- Name
- typo3/cms
- Purl
- pkg:composer/typo3/cms
Affected versions
8.*
8.0.0
8.0.1
8.1.0
8.1.1
8.1.2
8.2.0
8.2.1
8.3.0
8.3.1
8.4.0
8.4.1
8.5.0
8.5.1
8.6.0
8.6.1
8.7.0
8.7.1
8.7.2
v8.*
v8.7.3
v8.7.4
v8.7.5
v8.7.6
v8.7.7
v8.7.8
v8.7.9
v8.7.10
v8.7.11
v8.7.12
v8.7.13
v8.7.14
v8.7.15
v8.7.16
v8.7.17
v8.7.18
v8.7.19
v8.7.20
v8.7.21
v8.7.22
v8.7.23
v8.7.24
v8.7.25
v8.7.26
Packagist / typo3/cms
Package
- Name
- typo3/cms
- Purl
- pkg:composer/typo3/cms