Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2021 Greenbone AGOPENVAS:1361412562310145959
HistoryMay 17, 2021 - 12:00 a.m.

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2020-009, TYPO3-CORE-SA-2020-010, TYPO3-CORE-SA-2020-011)

2021-05-1700:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
5

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.5%

JSON

TYPO3 is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later

CPE = "cpe:/a:typo3:typo3";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.145959");
  script_version("2023-04-05T10:19:45+0000");
  script_tag(name:"last_modification", value:"2023-04-05 10:19:45 +0000 (Wed, 05 Apr 2023)");
  script_tag(name:"creation_date", value:"2021-05-17 07:04:11 +0000 (Mon, 17 May 2021)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-12-01 21:08:00 +0000 (Tue, 01 Dec 2020)");

  script_cve_id("CVE-2020-26216", "CVE-2020-26227", "CVE-2020-26228");

  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2020-009, TYPO3-CORE-SA-2020-010, TYPO3-CORE-SA-2020-011)");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2021 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_typo3_http_detect.nasl");
  script_mandatory_keys("typo3/detected");

  script_tag(name:"summary", value:"TYPO3 is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The following vulnerabilities exist:

  - CVE-2020-26216: Cross-site scripting (XSS) through Fluid view helper arguments

  - CVE-2020-26227: Cross-site scripting (XSS) in Fluid view helpers

  - CVE-2020-26228: Cleartext storage of session identifier");

  script_tag(name:"affected", value:"TYPO3 version 6.2.0 through 6.2.53, 7.6.0 through 7.6.47, 8.7.0
  through 8.7.37, 9.0.0 through 9.5.22 and 10.0.0 through 10.4.9.");

  script_tag(name:"solution", value:"Update to version 6.2.54, 7.6.48, 8.7.38, 9.5.23, 10.4.10 or later.");

  script_xref(name:"URL", value:"https://typo3.org/security/advisory/typo3-core-sa-2020-009");
  script_xref(name:"URL", value:"https://typo3.org/security/advisory/typo3-core-sa-2020-010");
  script_xref(name:"URL", value:"https://typo3.org/security/advisory/typo3-core-sa-2020-011");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE, version_regex: "[0-9]+\.[0-9]+\.[0-9]+")) # nb: Version might not be exact enough
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_in_range(version: version, test_version: "6.2.0", test_version2: "6.2.53")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "6.2.54", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "7.6.0", test_version2: "7.6.47")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "7.6.48", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "8.7.0", test_version2: "8.7.37")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "8.7.38", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "9.0.0", test_version2: "9.5.22")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "9.5.23", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "10.0.0", test_version2: "10.4.9")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "10.4.10", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Related

osv 8
cve 3
cvelist 3
veracode 3
nvd 3
github 3
typo3 3
prion 3
friendsofphp 5
osv
osv
CVE-2020-26227
2020-11-23 21:15:12
Cross-Site Scripting in Fluid view helpers
2020-12-21 16:28:11
BIT-typo3-2020-26227
2024-03-06 11:11:38
cve
cve
CVE-2020-26227
2020-11-23 21:15:12
CVE-2020-26216
2020-11-17 21:15:12
CVE-2020-26228
2020-11-23 21:15:12
cvelist
cvelist
CVE-2020-26227 Cross-Site Scripting in Fluid view helpers
2020-11-23 21:05:18
CVE-2020-26228 Cleartext storage of session identifier
2020-11-23 21:10:16
CVE-2020-26216 Cross-Site Scripting in TYPO3 Fluid
2020-11-17 20:45:20
veracode
veracode
Cross-Site Scripting (XSS)
2020-11-24 08:23:04
Information Disclosure
2020-11-24 06:15:30
Cross-site Scripting (XSS)
2020-11-18 02:39:58
nvd
nvd
CVE-2020-26227
2020-11-23 21:15:12
CVE-2020-26216
2020-11-17 21:15:12
CVE-2020-26228
2020-11-23 21:15:12
github
github
Cross-Site Scripting in Fluid view helpers
2020-12-21 16:28:11
Cross-Site Scripting through Fluid view helper arguments
2020-11-18 21:06:07
Cleartext storage of session identifier
2020-11-23 21:18:36
typo3
typo3
Cross-Site Scripting through Fluid view helper arguments
2020-11-17 00:00:00
Cleartext storage of session identifier
2020-11-17 00:00:00
Cross-Site Scripting in Fluid view helpers
2020-11-17 00:00:00
prion
prion
Sql injection
2020-11-23 21:15:00
Cross site scripting
2020-11-23 21:15:00
Cross site scripting
2020-11-17 21:15:00
friendsofphp
friendsofphp
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers
2020-11-17 08:49:54
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers
2020-11-17 08:49:54
TYPO3-CORE-SA-2020-011: Cleartext storage of session identifier
2020-11-17 08:50:08

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.5%

JSON
Related for OPENVAS:1361412562310145959
osv8cve3cvelist3veracode3nvd3github3typo33prion3friendsofphp5