Vulnerabilities related to TYPO3 - TYPO3.CMS
cve-2021-32669
Vulnerability from cvelistv5
Published
2021-07-20 15:35
Modified
2024-08-03 23:25
Summary
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this vulnerability. Reviewer note: the record scores this as PR:L / UI:R with C:H / I:H — a low-privileged backend account that can modify backend-layout settings (presumably an editor role; confirm against the advisory) stores the payload, and it then executes in the browser session of any other backend user who opens the affected grid view, potentially including administrators. Treat it as a privilege-escalation path inside the backend, not merely a self-XSS; the only remediation recorded here is upgrading to the listed patch releases.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.29
Version: >= 10.0.0, < 10.4.18
Version: >= 11.0.0, < 11.3.1


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:25:31.073Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.29",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.18",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, < 11.3.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this vulnerability.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-20T15:35:10",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-011",
            },
         ],
         source: {
            advisory: "GHSA-rgcg-28xm-8mmw",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Backend Grid View",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-32669",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Backend Grid View",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.29",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.18",
                                       },
                                       {
                                          version_value: ">= 11.0.0, < 11.3.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this vulnerability.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-011",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-011",
                  },
               ],
            },
            source: {
               advisory: "GHSA-rgcg-28xm-8mmw",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-32669",
      datePublished: "2021-07-20T15:35:11",
      dateReserved: "2021-05-12T00:00:00",
      dateUpdated: "2024-08-03T23:25:31.073Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32667
Vulnerability from cvelistv5
Published
2021-07-20 14:40
Modified
2024-08-03 23:25
Summary
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, the corresponding page preview module (_Web>View_) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue. Reviewer note: same scoring as CVE-2021-32669 (PR:L / UI:R, C:H / I:H, scope unchanged) — the payload is stored in Page TSconfig by one backend account and fires in the session of whichever backend user later opens the page preview, so the practical risk is one backend user reaching another, higher-privileged user's session. Which roles may edit Page TSconfig is not stated in this record; verify against your own access-group configuration.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.29
Version: >= 10.0.0, < 10.4.18
Version: >= 11.0.0, < 11.3.1


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:25:31.059Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-009",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.29",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.18",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, < 11.3.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (_Web>View_) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-20T14:40:10",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-009",
            },
         ],
         source: {
            advisory: "GHSA-8mq9-fqv8-59wf",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Page Preview",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-32667",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Page Preview",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.29",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.18",
                                       },
                                       {
                                          version_value: ">= 11.0.0, < 11.3.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (_Web>View_) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-009",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-009",
                  },
               ],
            },
            source: {
               advisory: "GHSA-8mq9-fqv8-59wf",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-32667",
      datePublished: "2021-07-20T14:40:11",
      dateReserved: "2021-05-12T00:00:00",
      dateUpdated: "2024-08-03T23:25:31.059Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32668
Vulnerability from cvelistv5
Published
2021-07-20 14:45
Modified
2024-08-03 23:25
Summary
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components _QueryGenerator_ and _QueryView_ are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue. Reviewer note: the description requires an administrator account, yet the CVSS vector in the record below is PR:L (low privileges) — the two do not agree, and the 6.4 score should be read with that inconsistency in mind (an admin-only precondition would normally be scored PR:H, lowering the base score). Also note the reflected variant: with UI:R, an administrator who is already logged in could be targeted with a crafted link rather than the attacker needing admin credentials themselves; the record does not detail that vector, so confirm against the linked advisory before relying on either reading.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.29
Version: >= 10.0.0, < 10.4.18
Version: >= 11.0.0, < 11.3.1


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:25:31.124Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-010",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.29",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.18",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, < 11.3.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components _QueryGenerator_ and _QueryView_ are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-20T14:45:13",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-010",
            },
         ],
         source: {
            advisory: "GHSA-6mh3-j5r5-2379",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Query Generator & Query View",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-32668",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Query Generator & Query View",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.29",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.18",
                                       },
                                       {
                                          version_value: ">= 11.0.0, < 11.3.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components _QueryGenerator_ and _QueryView_ are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-010",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-010",
                  },
               ],
            },
            source: {
               advisory: "GHSA-6mh3-j5r5-2379",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-32668",
      datePublished: "2021-07-20T14:45:13",
      dateReserved: "2021-05-12T00:00:00",
      dateUpdated: "2024-08-03T23:25:31.124Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21370
Vulnerability from cvelistv5
Published
2021-03-23 01:55
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 7.6.51, 8.7.40, 9.5.25, 10.4.14 and 11.1.1, content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items are previewed in the page module. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 7.6.51, 8.7.40, 9.5.25, 10.4.14 and 11.1.1. Reviewer note: unlike the three July 2021 advisories above, this one also lists the 7.6.x and 8.7.x branches as affected, so installations still on those branches are in scope. The record scores it lower (5.4, AC:L / S:C / C:L / I:L) than the later backend-XSS entries, but the precondition is the same — a single backend account — and the payload is rendered to whichever backend user previews the page.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 7.0.0, <= 7.6.50
Version: >= 8.0.0, <= 8.7.39
Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.935Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-backend",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-008",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 7.0.0, <= 7.6.50",
                  },
                  {
                     status: "affected",
                     version: ">= 8.0.0, <= 8.7.39",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:55:12",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-backend",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-008",
            },
         ],
         source: {
            advisory: "GHSA-x7hc-x7fm-f7qh",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Content Preview (CType menu)",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21370",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Content Preview (CType menu)",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 7.0.0, <= 7.6.50",
                                       },
                                       {
                                          version_value: ">= 8.0.0, <= 8.7.39",
                                       },
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://packagist.org/packages/typo3/cms-backend",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-backend",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-008",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-008",
                  },
               ],
            },
            source: {
               advisory: "GHSA-x7hc-x7fm-f7qh",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21370",
      datePublished: "2021-03-23T01:55:12",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.935Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-26228
Vulnerability from cvelistv5
Published
2020-11-23 21:10
Modified
2024-08-04 15:56
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 user session identifiers were stored in cleartext - without processing with additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.23
Version: >= 10.0.0, < 10.4.10


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:56:03.135Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2020-011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.23",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.10",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 user session identifiers were stored in cleartext - without processing with additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-312",
                     description: "CWE-312: Cleartext Storage of Sensitive Information",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-23T21:10:16",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2020-011",
            },
         ],
         source: {
            advisory: "GHSA-954j-f27r-cj52",
            discovery: "UNKNOWN",
         },
         title: "Cleartext storage of session identifier",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2020-26228",
               STATE: "PUBLIC",
               TITLE: "Cleartext storage of session identifier",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.23",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.10",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 user session identifiers were stored in cleartext - without processing with additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-312: Cleartext Storage of Sensitive Information",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2020-011",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2020-011",
                  },
               ],
            },
            source: {
               advisory: "GHSA-954j-f27r-cj52",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2020-26228",
      datePublished: "2020-11-23T21:10:16",
      dateReserved: "2020-10-01T00:00:00",
      dateUpdated: "2024-08-04T15:56:03.135Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21340
Vulnerability from cvelistv5
Published
2021-03-23 01:50
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that database fields used as _descriptionColumn_ are vulnerable to cross-site scripting when their content gets previewed. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.910Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-fjh3-g8gq-9q92",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-backend",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-007",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that database fields used as _descriptionColumn_ are vulnerable to cross-site scripting when their content gets previewed. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:50:34",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-fjh3-g8gq-9q92",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-backend",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-007",
            },
         ],
         source: {
            advisory: "GHSA-fjh3-g8gq-9q92",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Content Preview",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21340",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Content Preview",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that database fields used as _descriptionColumn_ are vulnerable to cross-site scripting when their content gets previewed. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-fjh3-g8gq-9q92",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-fjh3-g8gq-9q92",
                  },
                  {
                     name: "https://packagist.org/packages/typo3/cms-backend",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-backend",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-007",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-007",
                  },
               ],
            },
            source: {
               advisory: "GHSA-fjh3-g8gq-9q92",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21340",
      datePublished: "2021-03-23T01:50:34",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.910Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21359
Vulnerability from cvelistv5
Published
2021-03-23 01:55
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler, which in turn could retrieve the content to be shown as the error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This is fixed in versions 9.5.25, 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.893Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-core",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-005",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler, which in turn could retrieve the content to be shown as the error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This is fixed in versions 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-674",
                     description: "CWE-674 Uncontrolled Recursion",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
            {
               descriptions: [
                  {
                     cweId: "CWE-405",
                     description: "CWE-405 Asymmetric Resource Consumption (Amplification)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:55:19",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-core",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-005",
            },
         ],
         source: {
            advisory: "GHSA-4p9g-qgx9-397p",
            discovery: "UNKNOWN",
         },
         title: "Denial of Service in Page Error Handling",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21359",
               STATE: "PUBLIC",
               TITLE: "Denial of Service in Page Error Handling",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler, which in turn could retrieve the content to be shown as the error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This is fixed in versions 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-674 Uncontrolled Recursion",
                        },
                     ],
                  },
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-405 Asymmetric Resource Consumption (Amplification)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://packagist.org/packages/typo3/cms-core",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-core",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-005",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-005",
                  },
               ],
            },
            source: {
               advisory: "GHSA-4p9g-qgx9-397p",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21359",
      datePublished: "2021-03-23T01:55:19",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.893Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21355
Vulnerability from cvelistv5
Published
2021-03-23 01:50
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, because it is not ensured that file extensions belong to the configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, the default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, _UploadedFileReferenceConverter_, which transforms uploaded files into proper FileReference domain model objects, handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, _UploadedFileReferenceConverter_ accepts any file mime-type and persists files in the default location. In either case, uploaded files are placed in the default location _/fileadmin/user_upload/_, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 8.0.0, <= 8.7.39
Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.669Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-form",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-002",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 8.0.0, <= 8.7.39",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, _UploadedFileReferenceConverter_ transforming uploaded files into proper FileReference domain model objects handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, _UploadedFileReferenceConverter_ accepts any file mime-type and persists files in the default location. In any way, uploaded files are placed in the default location _/fileadmin/user_upload/_, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-434",
                     description: "CWE-434 Unrestricted Upload of File with Dangerous Type",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
            {
               descriptions: [
                  {
                     cweId: "CWE-552",
                     description: "CWE-552 Files or Directories Accessible to External Parties",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:50:29",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-form",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-002",
            },
         ],
         source: {
            advisory: "GHSA-2r6j-862c-m2v2",
            discovery: "UNKNOWN",
         },
         title: "Unrestricted File Upload in Form Framework",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21355",
               STATE: "PUBLIC",
               TITLE: "Unrestricted File Upload in Form Framework",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 8.0.0, <= 8.7.39",
                                       },
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, _UploadedFileReferenceConverter_ transforming uploaded files into proper FileReference domain model objects handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, _UploadedFileReferenceConverter_ accepts any file mime-type and persists files in the default location. In any way, uploaded files are placed in the default location _/fileadmin/user_upload/_, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-434 Unrestricted Upload of File with Dangerous Type",
                        },
                     ],
                  },
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-552 Files or Directories Accessible to External Parties",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://packagist.org/packages/typo3/cms-form",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-form",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-002",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-002",
                  },
               ],
            },
            source: {
               advisory: "GHSA-2r6j-862c-m2v2",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21355",
      datePublished: "2021-03-23T01:50:29",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.669Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21339
Vulnerability from cvelistv5
Published
2021-03-23 01:50
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1, user session identifiers were stored in cleartext - without being processed by an additional cryptographic hashing algorithm. This vulnerability cannot be exploited directly and occurs only in combination with a chained attack - such as SQL injection in any other component of the system. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 6.2.0, <= 6.2.56
Version: >= 7.0.0, <= 7.6.50
Version: >= 8.0.0, <= 8.7.39
Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.911Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-core",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-006",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 6.2.0, <= 6.2.56",
                  },
                  {
                     status: "affected",
                     version: ">= 7.0.0, <= 7.6.50",
                  },
                  {
                     status: "affected",
                     version: ">= 8.0.0, <= 8.7.39",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-312",
                     description: "CWE-312: Cleartext Storage of Sensitive Information",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:50:40",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-core",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-006",
            },
         ],
         source: {
            advisory: "GHSA-qx3w-4864-94ch",
            discovery: "UNKNOWN",
         },
         title: "Cleartext storage of session identifier",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21339",
               STATE: "PUBLIC",
               TITLE: "Cleartext storage of session identifier",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 6.2.0, <= 6.2.56",
                                       },
                                       {
                                          version_value: ">= 7.0.0, <= 7.6.50",
                                       },
                                       {
                                          version_value: ">= 8.0.0, <= 8.7.39",
                                       },
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-312: Cleartext Storage of Sensitive Information",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://packagist.org/packages/typo3/cms-core",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-core",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-006",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-006",
                  },
               ],
            },
            source: {
               advisory: "GHSA-qx3w-4864-94ch",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21339",
      datePublished: "2021-03-23T01:50:40",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.911Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-26227
Vulnerability from cvelistv5
Published
2020-11-23 21:05
Modified
2024-08-04 15:56
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10, the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting when user-controlled data is passed as an argument to Fluid view helpers. Update to TYPO3 version 9.5.23 or 10.4.10, which fix the problem described.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.23
Version: >= 10.0.0, < 10.4.10


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:56:03.033Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.23",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.10",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-23T21:05:18",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
            },
         ],
         source: {
            advisory: "GHSA-vqqx-jw6p-q3rf",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting in Fluid view helpers",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2020-26227",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting in Fluid view helpers",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.23",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.10",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
                  },
               ],
            },
            source: {
               advisory: "GHSA-vqqx-jw6p-q3rf",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2020-26227",
      datePublished: "2020-11-23T21:05:18",
      dateReserved: "2020-10-01T00:00:00",
      dateUpdated: "2024-08-04T15:56:03.033Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-26229
Vulnerability from cvelistv5
Published
2020-11-23 21:15
Modified
2024-08-04 15:56
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions. At least with libxml2 version 2.9, the processing of XML external entities is disabled per default - and cannot be exploited. Besides that, a valid backend user account is needed. Update to TYPO3 version 10.4.10 to fix the problem described.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 10.0.0, < 10.4.10


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:56:03.052Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-q9cp-mc96-m4w2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2020-012",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.10",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions. At least with libxml2 version 2.9, the processing of XML external entities is disabled per default - and cannot be exploited. Besides that, a valid backend user account is needed. Update to TYPO3 version 10.4.10 to fix the problem described.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-611",
                     description: "CWE-611: Improper Restriction of XML External Entity Reference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-23T21:15:17",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-q9cp-mc96-m4w2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2020-012",
            },
         ],
         source: {
            advisory: "GHSA-q9cp-mc96-m4w2",
            discovery: "UNKNOWN",
         },
         title: "XML External Entity in Dashboard Widget",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2020-26229",
               STATE: "PUBLIC",
               TITLE: "XML External Entity in Dashboard Widget",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 10.0.0, < 10.4.10",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions. At least with libxml2 version 2.9, the processing of XML external entities is disabled per default - and cannot be exploited. Besides that, a valid backend user account is needed. Update to TYPO3 version 10.4.10 to fix the problem described.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-611: Improper Restriction of XML External Entity Reference",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-q9cp-mc96-m4w2",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-q9cp-mc96-m4w2",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2020-012",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2020-012",
                  },
               ],
            },
            source: {
               advisory: "GHSA-q9cp-mc96-m4w2",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2020-26229",
      datePublished: "2020-11-23T21:15:18",
      dateReserved: "2020-10-01T00:00:00",
      dateUpdated: "2024-08-04T15:56:03.052Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32768
Vulnerability from cvelistv5
Published
2021-08-10 16:30
Modified
2024-08-03 23:33
Summary
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required. Update to TYPO3 versions 7.6.53 ELTS, 8.7.42 ELTS, 9.5.29, 10.4.19, 11.3.2 that fix the problem described.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 7.0.0, < 7.6.53
Version: >= 8.0.0, < 8.7.42
Version: >= 9.0.0, < 9.5.29
Version: >= 10.0.0, < 10.4.19
Version: >= 11.0.0, < 11.3.2


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:33:55.826Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-013",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 7.0.0, < 7.6.53",
                  },
                  {
                     status: "affected",
                     version: ">= 8.0.0, < 8.7.42",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.29",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.19",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, < 11.3.2",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required. Update to TYPO3 versions 7.6.53 ELTS, 8.7.42 ELTS, 9.5.29, 10.4.19, 11.3.2 that fix the problem described.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-08-10T16:30:11",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-013",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v",
            },
         ],
         source: {
            advisory: "GHSA-c5c9-8c6m-727v",
            discovery: "UNKNOWN",
         },
         title: "Cross-Site Scripting via Rich-Text Content",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-32768",
               STATE: "PUBLIC",
               TITLE: "Cross-Site Scripting via Rich-Text Content",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 7.0.0, < 7.6.53",
                                       },
                                       {
                                          version_value: ">= 8.0.0, < 8.7.42",
                                       },
                                       {
                                          version_value: ">= 9.0.0, < 9.5.29",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.19",
                                       },
                                       {
                                          version_value: ">= 11.0.0, < 11.3.2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required. Update to TYPO3 versions 7.6.53 ELTS, 8.7.42 ELTS, 9.5.29, 10.4.19, 11.3.2 that fix the problem described.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-013",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-013",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v",
                  },
               ],
            },
            source: {
               advisory: "GHSA-c5c9-8c6m-727v",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-32768",
      datePublished: "2021-08-10T16:30:11",
      dateReserved: "2021-05-12T00:00:00",
      dateUpdated: "2024-08-03T23:33:55.826Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32767
Vulnerability from cvelistv5
Published
2021-07-20 16:00
Modified
2024-08-03 23:33
Summary
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may be logged as plain text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 9.0.0, < 9.5.28
Version: >= 10.0.0, < 10.4.18
Version: >= 11.0.0, < 11.3.1


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:33:55.829Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-012",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 9.0.0, < 9.5.28",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, < 10.4.18",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, < 11.3.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-532",
                     description: "CWE-532: Insertion of Sensitive Information into Log File",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-08-09T15:28:30",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-012",
            },
         ],
         source: {
            advisory: "GHSA-34fr-fhqr-7235",
            discovery: "UNKNOWN",
         },
         title: "Information Disclosure in User Authentication",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-32767",
               STATE: "PUBLIC",
               TITLE: "Information Disclosure in User Authentication",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 9.0.0, < 9.5.28",
                                       },
                                       {
                                          version_value: ">= 10.0.0, < 10.4.18",
                                       },
                                       {
                                          version_value: ">= 11.0.0, < 11.3.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-532: Insertion of Sensitive Information into Log File",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-012",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-012",
                  },
               ],
            },
            source: {
               advisory: "GHSA-34fr-fhqr-7235",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-32767",
      datePublished: "2021-07-20T16:00:11",
      dateReserved: "2021-05-12T00:00:00",
      dateUpdated: "2024-08-03T23:33:55.829Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21358
Vulnerability from cvelistv5
Published
2021-03-23 01:50
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 10.2.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.902Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x79j-wgqv-g8h2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-form",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-004",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 10.2.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:50:16",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x79j-wgqv-g8h2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-form",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-004",
            },
         ],
         source: {
            advisory: "GHSA-x79j-wgqv-g8h2",
            discovery: "UNKNOWN",
         },
         title: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21358",
               STATE: "PUBLIC",
               TITLE: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 10.2.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x79j-wgqv-g8h2",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x79j-wgqv-g8h2",
                  },
                  {
                     name: "https://packagist.org/packages/typo3/cms-form",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-form",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-004",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-004",
                  },
               ],
            },
            source: {
               advisory: "GHSA-x79j-wgqv-g8h2",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21358",
      datePublished: "2021-03-23T01:50:16",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.902Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21357
Vulnerability from cvelistv5
Published
2021-03-23 01:50
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can bypass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, the default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 8.0.0, <= 8.7.39
Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.663Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-form",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-003",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 8.0.0, <= 8.7.39",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
            {
               descriptions: [
                  {
                     cweId: "CWE-434",
                     description: "CWE-434 Unrestricted Upload of File with Dangerous Type",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:50:22",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-form",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-003",
            },
         ],
         source: {
            advisory: "GHSA-3vg7-jw9m-pc3f",
            discovery: "UNKNOWN",
         },
         title: "Broken Access Control in Form Framework",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21357",
               STATE: "PUBLIC",
               TITLE: "Broken Access Control in Form Framework",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 8.0.0, <= 8.7.39",
                                       },
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, default _fileDenyPattern_ successfully blocked files like _.htaccess_ or _malicious.php_. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20 Improper Input Validation",
                        },
                     ],
                  },
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                        },
                     ],
                  },
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-434 Unrestricted Upload of File with Dangerous Type",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://packagist.org/packages/typo3/cms-form",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-form",
                  },
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-003",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-003",
                  },
               ],
            },
            source: {
               advisory: "GHSA-3vg7-jw9m-pc3f",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21357",
      datePublished: "2021-03-23T01:50:23",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.663Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-21338
Vulnerability from cvelistv5
Published
2021-03-23 01:45
Modified
2024-08-03 18:09
Summary
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection, which allows attackers to redirect users to arbitrary content and conduct phishing attacks. No authentication is required in order to exploit this vulnerability. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.
Impacted products
Vendor Product Version
TYPO3 TYPO3.CMS Version: >= 6.2.0, <= 6.2.56
Version: >= 7.0.0, <= 7.6.50
Version: >= 8.0.0, <= 8.7.39
Version: >= 9.0.0, <= 9.5.24
Version: >= 10.0.0, <= 10.4.13
Version: >= 11.0.0, <= 11.1.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:15.687Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://packagist.org/packages/typo3/cms-core",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://typo3.org/security/advisory/typo3-core-sa-2021-001",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "TYPO3.CMS",
               vendor: "TYPO3",
               versions: [
                  {
                     status: "affected",
                     version: ">= 6.2.0, <= 6.2.56",
                  },
                  {
                     status: "affected",
                     version: ">= 7.0.0, <= 7.6.50",
                  },
                  {
                     status: "affected",
                     version: ">= 8.0.0, <= 8.7.39",
                  },
                  {
                     status: "affected",
                     version: ">= 9.0.0, <= 9.5.24",
                  },
                  {
                     status: "affected",
                     version: ">= 10.0.0, <= 10.4.13",
                  },
                  {
                     status: "affected",
                     version: ">= 11.0.0, <= 11.1.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-601",
                     description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-23T01:45:14",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://packagist.org/packages/typo3/cms-core",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://typo3.org/security/advisory/typo3-core-sa-2021-001",
            },
         ],
         source: {
            advisory: "GHSA-4jhw-2p6j-5wmp",
            discovery: "UNKNOWN",
         },
         title: "Open Redirection in Login Handling",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2021-21338",
               STATE: "PUBLIC",
               TITLE: "Open Redirection in Login Handling",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "TYPO3.CMS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: ">= 6.2.0, <= 6.2.56",
                                       },
                                       {
                                          version_value: ">= 7.0.0, <= 7.6.50",
                                       },
                                       {
                                          version_value: ">= 8.0.0, <= 8.7.39",
                                       },
                                       {
                                          version_value: ">= 9.0.0, <= 9.5.24",
                                       },
                                       {
                                          version_value: ">= 10.0.0, <= 10.4.13",
                                       },
                                       {
                                          version_value: ">= 11.0.0, <= 11.1.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "TYPO3",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp",
                     refsource: "CONFIRM",
                     url: "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp",
                  },
                  {
                     name: "https://packagist.org/packages/typo3/cms-core",
                     refsource: "MISC",
                     url: "https://packagist.org/packages/typo3/cms-core",
                  },
                  {
                     name: "https://typo3.org/security/advisory/typo3-core-sa-2021-001",
                     refsource: "MISC",
                     url: "https://typo3.org/security/advisory/typo3-core-sa-2021-001",
                  },
               ],
            },
            source: {
               advisory: "GHSA-4jhw-2p6j-5wmp",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2021-21338",
      datePublished: "2021-03-23T01:45:14",
      dateReserved: "2020-12-22T00:00:00",
      dateUpdated: "2024-08-03T18:09:15.687Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}