8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-45xg-4w5x-j429

GHSA-45xg-4w5x-j429: TYPO3 Arbitrary Shell Execution in Swiftmailer library

The swiftmailer library in use allows to execute arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. Affected are only TYPO3 installation the configuration option

$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport']

is set to "sendmail". Installations with the default configuration are not affected.

(GitHub Advisory)

Miggo Vulnerability Database

→

GHSA-45xg-4w5x-j429

GHSA-45xg-4w5x-j429:

8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
typo3/cms	composer	>= 6.2.0, < 6.2.6	6.2.6
typo3/cms	composer	>= 6.1.0, < 6.1.12	6.1.12
typo3/cms	composer	>= 4.7.0, < 4.7.20	4.7.20
typo3/cms	composer	>= 4.5.0, < 4.5.37	4.5.37

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper shell argument sanitization in the sendmail command construction. The commit diff shows the fix adds escapeshellarg() around the _getReversePath() return value, which is derived from the message's 'From' header. This directly indicates that the unescaped _getReversePath() value in the original code allowed command injection when building the sendmail command line. The affected code path is only triggered when using 'sendmail' transport mode, matching the vulnerability description.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.1

-

Basic Information

Basic Information

Concerned about an active attack path?

GHSA-45xg-4w5x-j429: TYPO3 Arbitrary Shell Execution in Swiftmailer library

GHSA-45xg-4w5x-j429:

8.1

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

8.1

8.1

Technical Details

GHSA-45xg-4w5x-j429: TYPO3 Arbitrary Shell Execution in Swiftmailer library

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI