typo3/cms is vulnerable to SQL injection. The vulnerability is due to a flaw in the database escaping API when configured for MySQL passthrough mode, which affects all queries using DatabaseConnection::sql_query, even if arguments were properly escaped with DatabaseConnection::quoteStr.