SB2024051516 - Multiple vulnerabilities in TYPO3
Published: May 15, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Cross-site scripting (CVE-ID: CVE-2024-34357)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in ShowImageController. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
2) Resource exhaustion (CVE-ID: CVE-2024-34358)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in ShowImageController. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
3) Cross-site scripting (CVE-ID: CVE-2024-34356)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in Form Manager Module. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
4) Cross-site scripting (CVE-ID: CVE-2024-34355)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in History Module. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Install update from vendor's website.
References
- https://typo3.org/security/advisory/typo3-core-sa-2024-009
- https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1
- https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee
- https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7
- https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m
- https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957
- https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14
- https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5
- https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142
- https://typo3.org/security/advisory/typo3-core-sa-2024-010
- https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3
- https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156
- https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5
- https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64
- https://typo3.org/security/advisory/typo3-core-sa-2024-008
- https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc
- https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375
- https://typo3.org/security/advisory/typo3-core-sa-2024-007