Miggo Logo

CVE-2014-9508: Typo3 Open Redirect In Frontend Rendering

4.3

CVSS Score

Basic Information

EPSS Score
0.51992%
Published
5/17/2022
Updated
2/5/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
typo3/cmscomposer>= 4.5.0, < 4.5.394.5.39
typo3/cmscomposer>= 4.6.0, < 6.2.96.2.9
typo3/cmscomposer>= 7.0.0, < 7.0.27.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper handling of anchor links when 'config.prefixLocalAnchors' is enabled without 'config.absRefPrefix'. The ContentObjectRenderer::typoLink function is directly responsible for URL generation and would apply the vulnerable prefix logic. PageGenerator::renderContentWithHeader manages overall page rendering context where this misconfiguration could be exploited. Both are core components of TYPO3's frontend rendering pipeline where URL manipulation would occur. Confidence is high for typoLink due to its direct role in link processing, and medium for PageGenerator due to broader contextual involvement.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** *ront*n* r*n**rin* *ompon*nt in TYPO* *.*.x ***or* *.*.**, *.*.x t*rou** *.*.x ***or* *.*.*, *n* *.x ***or* *.*.*, *llows r*mot* *tt**k*rs to ***n** URLs to *r*itr*ry *om*ins. *n *tt**k*r *oul* *or** * r*qu*st w*i** mo*i*i*s *n**or only links on

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* *n**or links w**n '*on*i*.pr**ixLo**l*n**ors' is *n**l** wit*out '*on*i*.**sR**Pr**ix'. T** `*ont*ntO*j**tR*n**r*r::typoLink` *un*tion is *ir**tly r*sponsi*l* *or URL **n*r*tion *n* woul* *pply t** vu