TYPO3 possible cache poisoning on the homepage when anchors are used

2024-05-3020:35:41

GitHub Advisory Database

github.com

typo3

cache poisoning

anchors

homepage

configuration

vulnerability

web page

software security

7.1 High

AI Score

Confidence

Low

JSON

A request URL with arbitrary arguments, but still pointing to the home page of a TYPO3 installation can be cached if the configuration option config.prefixLocalAnchors is used with the values “all” or “cached”. The impact of this vulnerability is that unfamiliar looking links to the home page can end up in the cache, which leads to a reload of the page in the browser when section links are followed by web page visitors, instead of just directly jumping to the requested section of the page. TYPO3 versions 4.6.x and higher are only affected if the homepage is not a shortcut to a different page.

Affected configurations

Vulners

Node

typo3cms_poll_system_extensionRange<7.0.2

typo3cms_poll_system_extensionRange<6.2.9

CPENameOperatorVersion
typo3/cmslt7.0.2
typo3/cmslt6.2.9

CPE	Name	Operator	Version
	typo3/cms	lt	7.0.2
	typo3/cms	lt	6.2.9

References

github.com/advisories/GHSA-p84g-j2gh-83g3

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-12-09-2.yaml

typo3.org/security/advisory/typo3-core-sa-2014-003

7.1 High

AI Score

Confidence

Low

JSON