Tag: TYPO3 CMS
TYPO3-20070221-1: Email header injection
A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.
Read moreTYPO3-20060911-1: Cross-Site Scripting vulnerability in Indexed Search
A problem has been discovered with indexed search being vulnerable to Cross-Site-Scripting (XSS)
TYPO3-20051114-2: TYPO3 Security Bulletin
A Cross Site Scripting issue has been found in showpic.php.
TYPO3-20051114-7: TYPO3 Security Bulletin
Situations are imaginable where sensitive information gets stored in the fileadmin/_temp_/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information.
TYPO3-20051114-6: TYPO3 Security Bulletin
Under special circumstances, setting config.baseURL (see typo3.org/documentation/document-library/doc_core_tsref/quot_CONFIG_quot/ ) to a numeric value ("1") could be used to spoof a malicious baseURL into your TYPO3 cache. It has now been decided to technically prevent this misconfiguration.
TYPO3-20051114-5: TYPO3 Security Bulletin
For convenience, the TYPO3 Install Tool provides a button sets the "encryptionKey" to a random value. It has been observed that only parts of the generated value are actually random. The overall key is therefore unique and -as of today- considered sufficiently secure. However, the effective key length is not the intended one.
TYPO3-20051114-4: TYPO3 Security Bulletin
In the past, a "Shift Reload" from the browser (AKA a GET request with the "no-cache" pragma set) cleared the TYPO3 cache of the requested page. This may be considered a potential target for Denial of Service attacks.
TYPO3-20051114-1: TYPO3 Security Bulletin
The file editor functionality in the TYPO3 Install Tool (menu option "Edit files in typo3conf/") has an option that reads "Make backup copy". If set, this will create a backup copy and append a "~" to the original file name. This leads to file names that may be delivered as text files by a web server. Thus, sensitive information (e.g. the content of localconf.php) may be disclosed.
TYPO3-20050725-1: TYPO3 Security Bulletin
A debug script exposes system information provided by phpinfo(). By default, the script can be executed by a remote user.
TYPO3-20050307-1: TYPO3 Security Bulletin
Unless the default encryption key settings have been changed by the administrator, the TYPO3 mailform can be compromised to send mail to a wrong receipient. Thus, spam mails may be sent from a remote site.