Multiple vulnerabilities in extension mm_forum

2007-01-29T00:00:00
ID TYPO3-20070919-1
Type typo3
Reporter TYPO3 Association
Modified 2007-01-29T00:00:00

Description

It has been discovered that the extension mm_forum is vulnerable to multiple SQL Injection attacks and multiple XSS flaws alongside other vulnerabilities.

Component Type: Third party extension. This extension is not part of the TYPO3 default installation.

Affected Versions: Version 0.1.2 and all versions below.

Vulnerability Type: SQL Injection, Cross Site Scripting.

Severity: HIGH.

Problem Description: The extension is open to multiple SQL injections and Cross Site Scripting flaws because it fails to properly sanitize user-supplied input.

Please note that the TYPO3 Security Team has not done a complete review of the extension, due to lack of time and funding for this.

Please contact the TYPO3 Security Team if you are able to donate money to our work, i.e. reviewing this extension.

Solution: An updated version is available from the TYPO3 extension manager and at
http://typo3.org/extensions/repository/view/mm_forum/0.1.3/

General advice:
Follow the recommendations that are given in the <media 800 - external-link-new-window>TYPO3 Security Cookbook</media>.
Keep notice of the TYPO3 security bulletin page at http://typo3.org/teams/security/security-bulletins/.

Credits: The TYPO3 Security Team wishes to thank the guys at Mittwald CM Service. After being informed by the TYPO3 Security Team about the presence of multiple security issues, they have fixed the issues quickly, and also reviewed the full code of mm_forum, to eliminate further security issues.