GitHub Advisory Database: GHSA-3W22-WRWX-2R75
May 14, 2022 - 3:25 a.m.

Typo3 XSS Vulnerability

2022-05-14 03:25:24
CWE-79
GitHub Advisory Database
github.com
Tags: typo3, xss, vulnerability, page module, global variable, site name, admin, crafted

CVSS2: 3.5
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3: 4.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.001
Percentile: 32.3%

The page module in TYPO3 before 8.7.11 has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process.

Affected configurations

Vulners
Node: typo3 typo3_cms, Range <9.2.0
Vendor: typo3
Product: typo3_cms
Version: *
CPE: cpe:2.3:a:typo3:typo3_cms:*:*:*:*:*:*:*:*

