| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| typo3/cms | composer | >= 4.4, < 4.4.15 | 4.4.15 |
| typo3/cms | composer | >= 4.5, < 4.5.15 | 4.5.15 |
| typo3/cms | composer | >= 4.6, < 4.6.8 | 4.6.8 |
| typo3/cms | composer | = 4.7 | |

The vulnerability stems from unencoded exception message output in TYPO3's core ExceptionHandler. The primary vulnerable function is handleException(), which directly controls error page rendering. No patch diffs are available, but the security advisories explicitly identify the Exception Handler component as the vulnerable area. The writeLog method is included as a secondary function because of its role in processing exception messages, though its direct exploitability depends on the logging configuration.