CVE-2023-47126

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-47126

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47126.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-47126

Aliases

Related

GHSA-p2jh-95jg-2w55

Published

2023-11-14T20:15:08Z

Modified

2025-01-15T05:03:25.125191Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - “classic” non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/typo3/typo3

Affected ranges

Type: GIT
Repo: https://github.com/typo3/typo3
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1a735dac01ec7b337ed0d80c738caa8967dea423

Fixed

1a735dac01ec7b337ed0d80c738caa8967dea423

Type: GIT
Repo: https://github.com/typo3/typo3.cms
Events: Introduced

40c555936c3cd0fa0c09a5971b73b796bd1b9596

Fixed

639f2dbbafa5e6835499e70e111c7f22bc6cb966

Affected versions

6.*

6.2.0

6.2.1

6.2.2

6.2.3

7.*

7.0.0

7.1.0

7.2.0

7.3.0

7.4.0

7.5.0

7.6.0

7.6.1

7.6.2

8.*

8.0.0

8.1.0

8.2.0

8.3.0

8.4.0

8.5.0

8.6.0

8.7.0

Other

TYPO3_6-1-0rc1

TYPO3_6-2-0

TYPO3_6-2-0alpha1

TYPO3_6-2-0alpha2

TYPO3_6-2-0alpha3

TYPO3_6-2-0beta1

TYPO3_6-2-0beta2

TYPO3_6-2-0beta3

TYPO3_6-2-0beta4

TYPO3_6-2-0beta5

TYPO3_6-2-0beta6

TYPO3_6-2-0beta7

TYPO3_6-2-0rc1

TYPO3_6-2-0rc2

TYPO3_6-2-1

TYPO3_6-2-2

TYPO3_6-2-3

TYPO3_7-0-0

TYPO3_7-1-0

TYPO3_7-2-0

TYPO3_7-3-0

TYPO3_7-4-0

TYPO3_7-5-0

TYPO3_7-6-0

TYPO3_7-6-1

TYPO3_7-6-2

TYPO3_8-0-0

TYPO3_8-1-0

TYPO3_8-2-0

TYPO3_8-3-0

TYPO3_8-4-0

TYPO3_8-5-0

TYPO3_8-6-0

TYPO3_8-7-0

v10.*

v10.0.0

v10.1.0

v10.2.0

v10.3.0

v10.4.0

v10.4.1

v10.4.2

v10.4.3

v11.*

v11.0.0

v11.1.0

v11.2.0

v11.3.0

v11.4.0

v11.5.0

v11.5.1

v11.5.2

v11.5.3

v12.*

v12.0.0

v12.1.0

v12.2.0

v12.3.0

v12.4.0

v12.4.1

v12.4.2

v12.4.3

v12.4.4

v12.4.5

v12.4.6

v12.4.7

v9.*

v9.0.0

v9.1.0

v9.2.0

v9.3.0

v9.4.0

v9.5.0

v9.5.1

v9.5.2

v9.5.3