TYPO3 CMS Insecure Deserialization

2024-05-3014:52:14

CWE-502

GitHub Advisory Database

github.com

typo3 cms

form framework

insecure deserialization

php

pecl package

yaml

backend user account

php setting

exploit

vulnerability

7 High

AI Score

Confidence

High

JSON

It has been discovered that the Form Framework (system extension form) is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package yaml, which is capable of unserializing YAML contents to PHP objects. A valid backend user account as well as having PHP setting yaml.decode_php enabled is needed to exploit this vulnerability (which is the default value according to PHP documentation).

Affected configurations

Vulners

Node

typo3cms_poll_system_extensionRange<9.3.1

typo3cms_poll_system_extensionRange<8.7.17

CPENameOperatorVersion
typo3/cms-corelt9.3.1
typo3/cms-corelt8.7.17

CPE	Name	Operator	Version
	typo3/cms-core	lt	9.3.1
	typo3/cms-core	lt	8.7.17

References

github.com/advisories/GHSA-96jg-pmc4-cx39

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2018-07-12-4.yaml

typo3.org/security/advisory/typo3-core-sa-2018-004

7 High

AI Score

Confidence

High

JSON