CVE-2021-41113 – Cross-Site-Request-Forgery in Backend URI Handling in TYPO3
https://notcve.org/view.php?id=CVE-2021-41113
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site request forgery. The impact is the same as described in TYPO3-CORE-SA-2020-006 (CVE-2020-11069). However, it is not limited to the same site context and does not require the attacker to be authenticated. In a worst-case scenario, the attacker could create a new admin user account to compromise the system.
• https://github.com/TYPO3/typo3/commit/fa51999203c5e5d913ecae5ea843ccb2b95fa33f
• https://github.com/TYPO3/typo3/security/advisories/GHSA-657m-v5vm-f6rw
• https://typo3.org/security/advisory/typo3-core-sa-2020-006
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2021-41114 – HTTP Host Header Injection in Request Handling in TYPO3
https://notcve.org/view.php?id=CVE-2021-41114
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend rendering process. Since the Host header itself is provided by the client, it can be forged to any value, even in a name-based virtual host environment. This vulnerability is the same as described in TYPO3-CORE-SA-2014-001 (CVE-2014-3941).
• https://github.com/TYPO3/typo3/commit/5cbff85506cebe343e5ae59228977547cf8e3cf4
• https://github.com/TYPO3/typo3/security/advisories/GHSA-m2jh-fxw4-gphm
• https://typo3.org/security/advisory/typo3-core-sa-2021-015
• CWE-20: Improper Input Validation
• CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax
CVE-2021-32768 – Cross-Site Scripting via Rich-Text Content
https://notcve.org/view.php?id=CVE-2021-32768
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions, malicious rich-text content is not properly parsed, sanitized and encoded, so the content rendering process in the website frontend is vulnerable to cross-site scripting. The corresponding rendering instructions via the TypoScript functionality HTMLparser do not consider all potentially malicious HTML tag and attribute combinations by default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. If custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.
• https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v
• https://typo3.org/security/advisory/typo3-core-sa-2021-013
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-32767 – Information Disclosure in User Authentication
https://notcve.org/view.php?id=CVE-2021-32767
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may have been logged as plain text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.
• https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235
• https://typo3.org/security/advisory/typo3-core-sa-2021-012
• CWE-532: Insertion of Sensitive Information into Log File
CVE-2021-32669 – Cross-Site Scripting in Backend Grid View
https://notcve.org/view.php?id=CVE-2021-32669
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this vulnerability.
• https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw
• https://typo3.org/security/advisory/typo3-core-sa-2021-011
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')