CVE-2024-34537

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-34537
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34537.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-34537
Aliases
Published
2024-10-28T14:15:04.740Z
Modified
2026-02-16T02:09:08.502200Z
Severity
  • 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, and 13.3.1.

References

Affected packages

Git / github.com/typo3/typo3.cms

Affected ranges

Type
GIT
Repo
https://github.com/typo3/typo3.cms
Events
Introduced
36096733dea4bd6f6168209609fa879dc25c0138
Fixed
bcec228562e6af38aaeb08899c9e93bcedd50d5a
Introduced
6a5e2d4097ef0a0e3ea955af93cf83810d6fa234
Fixed
a3abdf398dadca2083151d88bb873b252c5f94f3
Introduced
fd8745e46bb11773e85524b8ee9650dabe340713
Fixed
f98c944f6e3111ffd699791dcfb0c2ace7f76195

Affected versions

v11.*
v11.0.0
v11.1.0
v11.2.0
v11.3.0
v11.4.0
v11.5.0
v11.5.1
v11.5.10
v11.5.11
v11.5.12
v11.5.13
v11.5.14
v11.5.15
v11.5.16
v11.5.17
v11.5.18
v11.5.19
v11.5.2
v11.5.20
v11.5.21
v11.5.22
v11.5.23
v11.5.24
v11.5.25
v11.5.26
v11.5.27
v11.5.28
v11.5.29
v11.5.3
v11.5.30
v11.5.31
v11.5.32
v11.5.33
v11.5.34
v11.5.35
v11.5.36
v11.5.37
v11.5.38
v11.5.39
v11.5.4
v11.5.5
v11.5.6
v11.5.7
v11.5.8
v11.5.9
v12.*
v12.0.0
v12.1.0
v12.2.0
v12.3.0
v12.4.0
v12.4.1
v12.4.10
v12.4.11
v12.4.12
v12.4.13
v12.4.14
v12.4.15
v12.4.16
v12.4.17
v12.4.18
v12.4.19
v12.4.2
v12.4.20
v12.4.3
v12.4.4
v12.4.5
v12.4.6
v12.4.7
v12.4.8
v12.4.9
v13.*
v13.0.0
v13.1.0
v13.2.0
v13.2.1
v13.3.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34537.json"