GHSA-hw6c-6gwq-3m3m

Source

https://github.com/advisories/GHSA-hw6c-6gwq-3m3m

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-hw6c-6gwq-3m3m/GHSA-hw6c-6gwq-3m3m.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-hw6c-6gwq-3m3m

Aliases

CVE-2024-34357

Published

2024-05-14T20:13:25Z

Modified

2024-05-19T02:24:46.283166Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

TYPO3 vulnerable to Cross-Site Scripting in the ShowImageController

Details

Problem

Failing to properly encode user-controlled values in file entities, the ShowImageController (eID txcmsshowpic) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities.

Solution

Update to TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 that fix the problem described.

Credits

Thanks to TYPO3 security team member Torben Hansen who reported this issue and to TYPO3 core & security team member Oliver Hader who fixed the issue.

References

TYPO3-CORE-SA-2024-009

References

Affected packages

Packagist / typo3/cms-core

Package

Name: typo3/cms-core
Purl: pkg:composer/typo3/cms-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

9.0.0

Fixed

9.5.48

Affected versions

v9.*

v9.0.0

v9.1.0

v9.2.0

v9.2.1

v9.3.0

v9.3.1

v9.3.2

v9.3.3

v9.4.0

v9.5.0

v9.5.1

v9.5.2

v9.5.3

v9.5.4

v9.5.5

v9.5.6

v9.5.7

v9.5.8

v9.5.9

v9.5.10

v9.5.11

v9.5.12

v9.5.13

v9.5.14

v9.5.15

v9.5.16

v9.5.17

v9.5.18

v9.5.19

v9.5.20

v9.5.21

v9.5.22

v9.5.23

v9.5.24

v9.5.25

v9.5.26

v9.5.27

v9.5.28

v9.5.29

v9.5.30

v9.5.31

Database specific

{
    "last_known_affected_version_range": "<= 9.5.47"
}

Packagist / typo3/cms-core

Package

Name: typo3/cms-core
Purl: pkg:composer/typo3/cms-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

10.0.0

Fixed

10.4.45

Affected versions

v10.*

v10.0.0

v10.1.0

v10.2.0

v10.2.1

v10.2.2

v10.3.0

v10.4.0

v10.4.1

v10.4.2

v10.4.3

v10.4.4

v10.4.5

v10.4.6

v10.4.7

v10.4.8

v10.4.9

v10.4.10

v10.4.11

v10.4.12

v10.4.13

v10.4.14

v10.4.15

v10.4.16

v10.4.17

v10.4.18

v10.4.19

v10.4.20

v10.4.21

v10.4.22

v10.4.23

v10.4.24

v10.4.25

v10.4.26

v10.4.27

v10.4.28

v10.4.29

v10.4.30

v10.4.31

v10.4.32

v10.4.33

v10.4.34

v10.4.36

v10.4.37

Database specific

{
    "last_known_affected_version_range": "<= 10.4.44"
}

Packagist / typo3/cms-core

Package

Name: typo3/cms-core
Purl: pkg:composer/typo3/cms-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

11.0.0

Fixed

11.5.37

Affected versions

v11.*

v11.0.0

v11.1.0

v11.1.1

v11.2.0

v11.3.0

v11.3.1

v11.3.2

v11.3.3

v11.4.0

v11.5.0

v11.5.1

v11.5.2

v11.5.3

v11.5.4

v11.5.5

v11.5.6

v11.5.7

v11.5.8

v11.5.9

v11.5.10

v11.5.11

v11.5.12

v11.5.13

v11.5.14

v11.5.15

v11.5.16

v11.5.17

v11.5.18

v11.5.19

v11.5.20

v11.5.21

v11.5.22

v11.5.23

v11.5.24

v11.5.25

v11.5.26

v11.5.27

v11.5.28

v11.5.29

v11.5.30

v11.5.31

v11.5.32

v11.5.33

v11.5.34

v11.5.35

v11.5.36

Database specific

{
    "last_known_affected_version_range": "<= 11.5.36"
}

Packagist / typo3/cms-core

Package

Name: typo3/cms-core
Purl: pkg:composer/typo3/cms-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12.0.0

Fixed

12.4.15

Affected versions

v12.*

v12.0.0

v12.1.0

v12.1.1

v12.1.2

v12.1.3

v12.2.0

v12.3.0

v12.4.0

v12.4.1

v12.4.2

v12.4.3

v12.4.4

v12.4.5

v12.4.6

v12.4.7

v12.4.8

v12.4.9

v12.4.10

v12.4.11

v12.4.12

v12.4.13

v12.4.14

Database specific

{
    "last_known_affected_version_range": "<= 12.4.14"
}

Packagist / typo3/cms-core

Package

Name: typo3/cms-core
Purl: pkg:composer/typo3/cms-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13.0.0

Fixed

13.1.1

Affected versions

v13.*

v13.0.0

v13.0.1

v13.1.0

Database specific

{
    "last_known_affected_version_range": "<= 13.1.0"
}