CVE-2024-34357

TYPO3 vulnerable to Cross-Site Scripting in ShowImageController

CVSS 5.4 MEDIUMEPSS 0.5%CWE-79

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.4EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 May 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the `ShowImageController` (`_eID tx_cms_showpic_`) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected products

TYPO3 · typo3

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7 https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1 https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m https://typo3.org/security/advisory/typo3-core-sa-2024-009