-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability stems from improper handling of t3:// URLs containing dangerous schemes (javascript:/data:). UrlLinkHandler's resolveHandlerData directly processes the user-controlled 'url' parameter without adequate scheme validation. ContentObjectRenderer::typolink then uses this data to generate href attributes without proper escaping. The advisory explicitly mentions both backend forms and frontend typolink rendering as attack vectors, implicating these core link processing components.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| typo3/cms-core | composer | >= 8.0.0, < 8.7.27 | 8.7.27 |
| typo3/cms-core | composer | >= 9.0.0, < 9.5.8 | 9.5.8 |
| typo3/cms | composer | >= 8.0.0, < 8.7.27 | 8.7.27 |
| typo3/cms | composer | >= 9.0.0, < 9.5.8 | 9.5.8 |