Miggo Logo
Miggo Vulnerability Database
CVE-2011-4630

CVE-2011-4630:
Typo3 XSS Vulnerability

5.4

CVSS Score
3.1

Basic Information

CVE ID
CVE-2011-4630
GHSA ID
GHSA-29wr-24h5-95r5
EPSS Score
0.41874%
CWE
CWE-79
Published
4/22/2022
Updated
1/12/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
typo3/cmscomposer>= 4.5.0, < 4.5.44.5.4
typo3/cmscomposer>= 4.4.0, < 4.4.94.4.9
typo3/cmscomposer< 4.3.124.3.12

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability specifically references the browse_links wizard as the attack vector. TYPO3's link browser (handled by SC_browse_links class in older versions) processes link parameters from content elements. The main() function in this class was known to output user-controlled 'currentLink' values without adequate HTML/JS escaping in vulnerable versions, enabling script injection when the wizard is rendered. This matches the XSS pattern described in advisories where attacker-controlled input flows into the DOM without sanitization.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-sit* S*riptin* (XSS) in TYPO* ***or* *.*.**, *.*.x ***or* *.*.*, *n* *.*.x ***or* *.*.* *llows r*mot* *tt**k*rs to inj**t *r*itr*ry w** s*ript or *TML vi* t** `*rows*_links` wiz*r*.

Reasoning

T** vuln*r**ility sp**i*i**lly r***r*n**s t** *rows*_links wiz*r* *s t** *tt**k v**tor. TYPO*'s link *rows*r (**n*l** *y S*_*rows*_links *l*ss in ol**r v*rsions) pro**ss*s link p*r*m*t*rs *rom *ont*nt *l*m*nts. T** m*in() *un*tion in t*is *l*ss w*s k