Source: GitHub Advisory Database, GHSA-9895-53FC-98V2
Published: Jun 03, 2024 - 4:46 p.m.

TYPO3 SQL Injection in dbal


AI Score: 8 (Confidence: Low)

A flaw in the database escaping API results in an SQL injection vulnerability when the extension dbal is enabled and configured for MySQL passthrough mode in its extension configuration. All queries that use DatabaseConnection::sql_query are vulnerable, even if their arguments were properly escaped with DatabaseConnection::quoteStr beforehand.

Affected configurations

Vulners node:
  Vendor: typo3
  Product: typo3_cms
  Version range: 6.2.0 to 6.2.18

CPE:
  Vendor: typo3
  Product: typo3_cms
  Version: *
  CPE: cpe:2.3:a:typo3:typo3_cms:*:*:*:*:*:*:*:*
