TYPO3 up to 13.1.0 File Entity ShowImageController cross site scripting

Summaryinfo

A vulnerability classified as problematic has been found in TYPO3 up to 9.5.47/10.4.44/11.5.36/12.4.14/13.1.0. This impacts the function ShowImageController of the component File Entity Handler. Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2024-34357. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as problematic, was found in TYPO3 up to 9.5.47/10.4.44/11.5.36/12.4.14/13.1.0. This affects the function ShowImageController of the component File Entity Handler. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. This is going to have an impact on integrity. The summary by CVE is:

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the `ShowImageController` (`_eID tx_cms_showpic_`) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described.

It is possible to read the advisory at github.com. This vulnerability is uniquely identified as CVE-2024-34357 since 05/02/2024. The exploitability is told to be easy. It is possible to initiate the attack remotely. It demands that the victim is doing some kind of user interaction. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1059.007 according to MITRE ATT&CK.

Upgrading to version 9.5.48, 10.4.45, 11.5.37, 12.4.15 or 13.1.1 eliminates this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Content Management System

Name

• TYPO3

Version

• 9.5.0
• 9.5.1
• 9.5.2
• 9.5.3
• 9.5.4
• 9.5.5
• 9.5.6
• 9.5.7
• 9.5.8
• 9.5.9
• 9.5.10
• 9.5.11
• 9.5.12
• 9.5.13
• 9.5.14
• 9.5.15
• 9.5.16
• 9.5.17
• 9.5.18
• 9.5.19
• 9.5.20
• 9.5.21
• 9.5.22
• 9.5.23
• 9.5.24
• 9.5.25
• 9.5.26
• 9.5.27
• 9.5.28
• 9.5.29
• 9.5.30
• 9.5.31
• 9.5.32
• 9.5.33
• 9.5.34
• 9.5.35
• 9.5.36
• 9.5.37
• 9.5.38
• 9.5.39
• 9.5.40
• 9.5.41
• 9.5.42
• 9.5.43
• 9.5.44
• 9.5.45
• 9.5.46
• 9.5.47
• 10.4.0
• 10.4.1
• 10.4.2
• 10.4.3
• 10.4.4
• 10.4.5
• 10.4.6
• 10.4.7
• 10.4.8
• 10.4.9
• 10.4.10
• 10.4.11
• 10.4.12
• 10.4.13
• 10.4.14
• 10.4.15
• 10.4.16
• 10.4.17
• 10.4.18
• 10.4.19
• 10.4.20
• 10.4.21
• 10.4.22
• 10.4.23
• 10.4.24
• 10.4.25
• 10.4.26
• 10.4.27
• 10.4.28
• 10.4.29
• 10.4.30
• 10.4.31
• 10.4.32
• 10.4.33
• 10.4.34
• 10.4.35
• 10.4.36
• 10.4.37
• 10.4.38
• 10.4.39
• 10.4.40
• 10.4.41
• 10.4.42
• 10.4.43
• 10.4.44
• 11.5.0
• 11.5.1
• 11.5.2
• 11.5.3
• 11.5.4
• 11.5.5
• 11.5.6
• 11.5.7
• 11.5.8
• 11.5.9
• 11.5.10
• 11.5.11
• 11.5.12
• 11.5.13
• 11.5.14
• 11.5.15
• 11.5.16
• 11.5.17
• 11.5.18
• 11.5.19
• 11.5.20
• 11.5.21
• 11.5.22
• 11.5.23
• 11.5.24
• 11.5.25
• 11.5.26
• 11.5.27
• 11.5.28
• 11.5.29
• 11.5.30
• 11.5.31
• 11.5.32
• 11.5.33
• 11.5.34
• 11.5.35
• 11.5.36
• 12.4.0
• 12.4.1
• 12.4.2
• 12.4.3
• 12.4.4
• 12.4.5
• 12.4.6
• 12.4.7
• 12.4.8
• 12.4.9
• 12.4.10
• 12.4.11
• 12.4.12
• 12.4.13
• 12.4.14
• 13.0
• 13.1.0

License

• open-source

Website

• Product: https://typo3.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion