CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23504 – TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
https://notcve.org/view.php?id=CVE-2022-23504
TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1. • https://github.com/TYPO3/typo3/security/advisories/GHSA-8w3p-qh3x-6gjr • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23503 – TYPO3 vulnerable to Arbitrary Code Execution via Form Framework
https://notcve.org/view.php?id=CVE-2022-23503
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1. • https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23501 – TYPO3 vulnerable to Improper Authentication in Frontend Login
https://notcve.org/view.php?id=CVE-2022-23501
TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1. • https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23500 – TYPO3 subject to Uncontrolled Recursion resulting in Denial of Service
https://notcve.org/view.php?id=CVE-2022-23500
TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This vulnerability is very similar, but not identical, to the one described in CVE-2021-21359. This issue is patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20 or 12.1.1. • https://github.com/TYPO3/typo3/security/advisories/GHSA-8c28-5mp7-v24h • CWE-674: Uncontrolled Recursion •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-36105 – User Enumeration via Response Timing in TYPO3
https://notcve.org/view.php?id=CVE-2022-36105
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd party TYPO3 extensions providing a custom authentication service should check if the extension is affected by the described problem. Affected extensions must implement new `MimicServiceInterface::mimicAuthUser`, which simulates corresponding times regular processing would usually take. Update to TYPO3 version 7.6.58 ELTS, 8.7.48 ELTS, 9.5.37 ELTS, 10.4.32 or 11.5.16 that fix this problem. • https://github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6 https://github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r https://typo3.org/security/advisory/typo3-core-sa-2022-007 • CWE-203: Observable Discrepancy •