Privilege Escalation in TYPO3 Neos

2024-05-1723:03:46

GitHub Advisory Database

github.com

typo3

neos

privilege escalation

vulnerability

editors

content nodes

workspace

7 High

AI Score

Confidence

High

JSON

It has been discovered that TYPO3 Neos is vulnerable to Privilege Escalation. Logged in editors could access, create and modify content nodes that exist in the workspace of other editors.

CPENameOperatorVersion
neos/neoslt1.2.3
neos/neoslt1.1.3

CPE	Name	Operator	Version
	neos/neos	lt	1.2.3
	neos/neos	lt	1.1.3

References

github.com/advisories/GHSA-43cf-7f3h-38rg

github.com/FriendsOfPHP/security-advisories/blob/master/neos/neos/2015-03-28.yaml

www.neos.io/blog/neos-sa-2015-001.html

7 High

AI Score

Confidence

High

JSON