The vulnerability details and the associated patch commit both point to a missing authorization check in the CSV download functionality of TYPO3. Commit `c983415f062c32f8edbb78544a0ff3219bc35d17` modifies `RecordListDownloadController.php`, specifically the `handleDownloadRequest` function. The added code introduces an explicit permission check, `$backendUser->check('tables_select', $this->table)`, that was previously absent. This confirms that `handleDownloadRequest` was the entry point for the vulnerability: it processed the download request without proper authorization. An attacker could have exploited this by crafting a request to this controller to download data from an arbitrary table. This function would therefore be present in any runtime profile capturing exploitation of this information disclosure vulnerability.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| typo3/cms-backend | composer | >= 12.0.0, < 12.4.37 | 12.4.37 |
| typo3/cms-backend | composer | >= 13.0.0, < 13.4.18 | 13.4.18 |
| typo3/cms-recordlist | composer | >= 11.0.0, < 11.5.48 | 12.4.37 |
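
To check a project against the ranges in the table above, this added example (not part of the advisory or of TYPO3) scans the contents of a `composer.lock` for the affected packages. The `SAMPLE_LOCK` data is constructed and the function names are illustrative.

```python
import json
import re

# Vulnerable ranges copied from the advisory table:
# (package, lower bound inclusive, upper bound exclusive).
VULNERABLE = [
    ("typo3/cms-backend", (12, 0, 0), (12, 4, 37)),
    ("typo3/cms-backend", (13, 0, 0), (13, 4, 18)),
    ("typo3/cms-recordlist", (11, 0, 0), (11, 5, 48)),
]

def parse_version(text):
    """Return (major, minor, patch) for versions like 'v12.4.30', or None for
    branch aliases and pre-releases such as 'dev-main' that cannot be compared."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def find_vulnerable(lock_text):
    """Return sorted (name, version, status) tuples for packages named in the advisory."""
    lock = json.loads(lock_text)
    findings = []
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section) or []:
            name, raw = pkg.get("name", ""), pkg.get("version", "")
            ranges = [(lo, hi) for n, lo, hi in VULNERABLE if n == name]
            if not ranges:
                continue  # package is not listed in the advisory
            ver = parse_version(raw)
            if ver is None:
                findings.append((name, raw, "unparsed"))  # needs manual review
            elif any(lo <= ver < hi for lo, hi in ranges):
                findings.append((name, raw, "vulnerable"))
    return sorted(findings)

# Constructed sample lock file (not taken from a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "typo3/cms-backend", "version": "v12.4.36"},
        {"name": "typo3/cms-core", "version": "v12.4.36"},
    ],
    "packages-dev": [{"name": "typo3/cms-recordlist", "version": "dev-main"}],
})

if __name__ == "__main__":
    for name, version, status in find_vulnerable(SAMPLE_LOCK):
        print(f"{status}: {name} {version}")
```

Entries reported as `unparsed` are not judged either way and need a manual look at the resolved commit.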