GHSA-wp8j-c736-c5r3

Suggest an improvement
Source
https://github.com/advisories/GHSA-wp8j-c736-c5r3
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-wp8j-c736-c5r3/GHSA-wp8j-c736-c5r3.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-wp8j-c736-c5r3
Published
2024-05-30T21:06:13Z
Modified
2024-12-05T05:45:49.923447Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors
Details

It has been discovered that link tags generated by typolink functionality in the website's frontend are vulnerable to cross-site scripting - values being assigned to HTML attributes have not been parsed correctly. A valid backend user account is needed to exploit this vulnerability.

As second and separate vulnerability in the filelist module of the backend user interface has been referenced with this advisory as well. Error messages being shown after using a malicious name for renaming a file are not propery encoded, thus vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-30T21:06:13Z"
}
References

Affected packages

Packagist / typo3/cms

Package

Name
typo3/cms
Purl
pkg:composer/typo3/cms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.2.14

Affected versions

6.*

6.2.0
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
6.2.10-rc1
6.2.10
6.2.11
6.2.12
6.2.13

Packagist / typo3/cms

Package

Name
typo3/cms
Purl
pkg:composer/typo3/cms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
7.0.0
Fixed
7.3.1

Affected versions

7.*

7.0.0
7.0.1
7.0.2
7.1.0
7.2.0
7.3.0