logo
DATABASE RESOURCES PRICING ABOUT US

Server-side request forgery in extension "Yoast SEO for TYPO3" (yoast_seo)

Description

The extension fails to restrict analyzed URLs to domains managed by the current TYPO3 website. A logged in TYPO3 backend user can use the vulnerability to make HTTP requests to arbitrary domains including the webserver itself or other internally managed resources.


Affected Software


CPE Name Name Version
yoast_seo 7.2.0

Related