TYPO3 Remote Code Execution in third party library swiftmailer

2024-06-0515:08:03

CWE-94

GitHub Advisory Database

github.com

typo3

remote code execution

swiftmailer

mail actions

AI Score

7.5

Confidence

High

TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code Execution.

Affected configurations

Vulners

Node

typo3typo3_cmsRange8.0.0–8.5.1

typo3typo3_cmsRange7.6.0–7.6.15

typo3typo3_cmsRange6.2.0–6.2.30

VendorProductVersionCPE
typo3typo3_cms*cpe:2.3:a:typo3:typo3_cms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
typo3	typo3_cms	*	cpe:2.3:a:typo3:typo3_cms::::::::

github.com/advisories/GHSA-g4pf-3jvq-2gcw

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml

typo3.org/security/advisory/typo3-core-sa-2017-001

AI Score

7.5

Confidence

High