Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

TYPO3-SA-2009-016 – Install Tool

TYPO3-SA-2009-016

Original Release Date: October 22, 2009

Vendor: TYPO3 (Core)

Product: TYPO3 CMS – Install Tool

Affected Versions

TYPO3 versions :

  • 4.1.12 and below
  • 4.2.9 and below
  • 4.3beta1 and below

Vulnerability Type: Cross-Site Scripting

Overall Severity: Medium

Problem Description

Failing to sanitize URL parameters, the Install Tool is susceptible to Cross-site scripting attacks.
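The defect class named above, shown as an added illustration in PHP (the language TYPO3 is written in); this is not code from the TYPO3 Install Tool, and the parameter name `step` and the sample input are constructed for the example. It places the unsafe pattern (a URL parameter echoed straight into markup) beside the hardened one (HTML-encoding on output with `htmlspecialchars`), and includes a check that the encoded output no longer contains a tag:

```php
<?php
// Added example, not TYPO3 code. Parameter name "step" is hypothetical.

// Vulnerable pattern: the raw query parameter is concatenated into the page,
// so any markup characters it carries are interpreted by the browser.
function render_heading_unsafe(string $step): string
{
    return '<h1>Install Tool - step ' . $step . '</h1>';
}

// Hardened pattern: encode on output. ENT_QUOTES covers both quote styles
// (needed when the value also lands in a quoted attribute), and an explicit
// charset keeps multibyte handling consistent with the page encoding.
function render_heading_safe(string $step): string
{
    $encoded = htmlspecialchars($step, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<h1>Install Tool - step ' . $encoded . '</h1>';
}

// Simple detection helper: does the rendered fragment still contain the
// raw markup that came in with the parameter?
function contains_raw_tag(string $html, string $tag): bool
{
    return strpos($html, '<' . $tag) !== false;
}

// Constructed input containing the characters output encoding must neutralise:
// angle brackets, a double quote and an ampersand. In the real flow this would
// arrive as $_GET['step'].
$input = '1<b title="x&y">2</b>';

$unsafe = render_heading_unsafe($input);
$safe   = render_heading_safe($input);

echo $unsafe, PHP_EOL;
// <h1>Install Tool - step 1<b title="x&y">2</b></h1>   (tag survives)
echo $safe, PHP_EOL;
// <h1>Install Tool - step 1&lt;b title=&quot;x&amp;y&quot;&gt;2&lt;/b&gt;</h1>

var_dump(contains_raw_tag($unsafe, 'b')); // bool(true)
var_dump(contains_raw_tag($safe, 'b'));   // bool(false)
```

The encoding step belongs at the point of output, not at input time: the same parameter value may be written into an HTML body, an attribute, or a URL, and each context needs its own encoding. `htmlspecialchars` with `ENT_QUOTES` is correct for HTML text and quoted attribute values; it is not sufficient on its own for values placed inside inline JavaScript or unquoted attributes.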

Impact

TYPO3 installations with exposed Install Tool interfaces* are exposed to possible Cross-Site Scripting style attacks.

* The Install Tool is not meant to be activated in production environments, which is already clearly stated in several places in the TYPO3 backend and the Install Tool itself. Please respect these warnings and use the new feature in TYPO3 versions 4.2.8 and above to enable the Install Tool for maintenance only and disable it immediately afterwards.

Vendor Response

Update to the TYPO3 versions 4.1.13, 4.2.10 or 4.3beta2 that fix the problem described.

Credit(s)

Credits go to Chris John Riley and Susanne Moog who discovered and reported the issue.

References
