GHSA-vpw5-grxx-v396

Source
https://github.com/advisories/GHSA-vpw5-grxx-v396
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-vpw5-grxx-v396/GHSA-vpw5-grxx-v396.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-vpw5-grxx-v396
Aliases
  • CVE-2021-36793
Published
2021-09-02T17:16:56Z
Modified
2023-11-08T04:06:16.675857Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Summary
CSRF token exposure in TYPO3 extension
Details

When the CsrfTokenViewHelper is used, the extension writes the user's session identifier directly into the HTML output as the CSRF token, without first passing it through a cryptographic hash or keyed derivation. Any party that can read the rendered page therefore learns the session identifier itself, not just a token bound to it. The issue is not directly exploitable on its own; it becomes exploitable as part of a chained attack, for example Cross-Site Scripting in the frontend output that reads the token from the DOM.
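To make the distinction concrete, the following standalone PHP is an added illustration written for this page; it is not code from lms/routes or TYPO3 and uses no framework API. It contrasts a token that is simply the session identifier with one derived through an HMAC keyed by a server-side secret, then checks that the derived token neither reveals the session identifier nor verifies for another session or scope. All function names, the scope string, and the sample values are assumptions for this example.

```php
<?php
// Added example, not code from lms/routes or TYPO3. Function names, the scope
// string and the sample values are hypothetical.
declare(strict_types=1);

/**
 * Weak pattern described in the advisory: the CSRF token IS the session
 * identifier, so whoever can read the rendered page (e.g. via XSS) learns
 * the session id and can hijack the session outright.
 */
function weakCsrfToken(string $sessionId): string
{
    return $sessionId;
}

/**
 * Hardened pattern: derive the token with an HMAC keyed by a secret that only
 * the server holds. The token is still bound to the session, but disclosing it
 * does not disclose the session id, and it cannot be forged without the secret.
 * Binding a scope (form name or action) limits reuse of a leaked token.
 */
function deriveCsrfToken(string $sessionId, string $serverSecret, string $scope): string
{
    return hash_hmac('sha256', $scope . "\0" . $sessionId, $serverSecret);
}

/** Re-derive server side and compare in constant time. */
function verifyCsrfToken(string $submitted, string $sessionId, string $serverSecret, string $scope): bool
{
    return hash_equals(deriveCsrfToken($sessionId, $serverSecret, $scope), $submitted);
}

/** Runs the comparison on constructed values and returns the observations. */
function demonstrate(): array
{
    // Constructed sample values, not real session data. A real deployment
    // loads the secret from configuration rather than generating it per request.
    $sessionId    = bin2hex(random_bytes(16));
    $serverSecret = bin2hex(random_bytes(32));
    $scope        = 'routes/contact-form';

    $weak    = weakCsrfToken($sessionId);
    $derived = deriveCsrfToken($sessionId, $serverSecret, $scope);

    return [
        // The weak token is the session id verbatim; the derived one never contains it.
        'weak_leaks_session_id'    => $weak === $sessionId,
        'derived_leaks_session_id' => strpos($derived, $sessionId) !== false,
        // The derived token verifies only for its own session and scope.
        'derived_verifies'         => verifyCsrfToken($derived, $sessionId, $serverSecret, $scope),
        'other_scope_verifies'     => verifyCsrfToken($derived, $sessionId, $serverSecret, 'routes/other-form'),
        'other_session_verifies'   => verifyCsrfToken($derived, bin2hex(random_bytes(16)), $serverSecret, $scope),
        // What should reach the template: the derived token, HTML-escaped.
        'hidden_field'             => '<input type="hidden" name="__csrf" value="'
            . htmlspecialchars($derived, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">',
    ];
}

$result = demonstrate();
$expected = [
    'weak_leaks_session_id'    => true,
    'derived_leaks_session_id' => false,
    'derived_verifies'         => true,
    'other_scope_verifies'     => false,
    'other_session_verifies'   => false,
];
foreach ($expected as $key => $value) {
    if ($result[$key] !== $value) {
        throw new RuntimeException("unexpected result for $key");
    }
}
echo $result['hidden_field'], PHP_EOL;
```

The caveat the advisory hints at still applies to the hardened form: a token rendered into the page can be read by any script running in that origin, so XSS can still defeat CSRF protection for the affected user. The difference is blast radius: with the derived token the attacker gains a CSRF bypass for one session, with the raw session identifier the attacker gains the session.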

Database specific
{
    "nvd_published_at": "2021-08-13T17:15:00Z",
    "github_reviewed_at": "2021-08-30T17:23:15Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-668"
    ]
}
Affected packages

Packagist / lms/routes

Package

Name
lms/routes
Purl
pkg:composer/lms/routes

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
2.1.1

Affected versions

v1.*

v1.3.3
v1.4.0
v1.4.1
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.5.5
v1.5.6
v1.5.7
v1.5.10
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.7.0
v1.8.0
v1.8.1
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v1.8.6
v1.8.7

v2.*

v2.0.0
v2.1.0