
GHSA-8h28-f46f-m87h: Insecure Deserialization in TYPO3 CMS

CVSS Score: N/A

Basic Information

CVE ID: -
EPSS Score: -
Published: 6/5/2024
Updated: 6/5/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: -

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
typo3/cms | composer | >= 8.5.0, < 8.7.17 | 8.7.17
typo3/cms | composer | >= 9.0.0, < 9.3.2 | 9.3.2

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The vulnerability arises from the combination of TYPO3's Form Framework (system extension "form") loading form definitions through the PECL yaml extension while the PHP setting yaml.decode_php is enabled, which was the documented default at the time of the advisory. With that setting on, yaml_parse() hands the value of any !php/object tag to unserialize(), so attacker-controlled YAML that reaches the loader becomes attacker-controlled object instantiation, and every __wakeup() or __destruct() in autoloadable code is available as a gadget. The advisory ties the issue to exactly this configuration and to YAML processing in the form extension. The exact file path is not given in the available resources, but yaml_parse() is the function that performs the deserialization. Installations whose PHP has no yaml extension, or which run with yaml.decode_php=0, are not exposed through this path; the fixed releases 8.7.17 and 9.3.2 should still be applied.
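The script below is an added illustration, not code from TYPO3 or from the advisory. It shows yaml_parse() turning a !php/object tag into a live object (with its __wakeup() executed) when yaml.decode_php is on, next to a hardened loader that disables the setting for the process and rejects PHP-specific tags before parsing. The Demo class, the loadFormDefinition* function names and the YAML documents are constructed for this example; it needs the PECL yaml extension to run and otherwise exits with a message.

```php
<?php
// Added example, not TYPO3 or advisory code. Demonstrates the root cause:
// yaml_parse() with yaml.decode_php=1 unserialize()s !php/object values.
// Assumes the PECL yaml extension is loaded. Demo and the loadFormDefinition*
// functions are hypothetical names chosen for this illustration.
declare(strict_types=1);

// Stand-in for any autoloadable class with a magic method: in a real
// gadget chain __wakeup()/__destruct() would touch files or run commands.
class Demo
{
    public string $cmd = '';
    public array $events = [];

    public function __wakeup(): void
    {
        $this->events[] = 'Demo::__wakeup ran with cmd=' . $this->cmd;
    }
}

// Recursively check whether a parsed YAML value contains any object.
function containsObject($value): bool
{
    if (is_object($value)) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (containsObject($item)) {
                return true;
            }
        }
    }
    return false;
}

// Pre-fix behaviour: whatever yaml_parse() returns is used as-is.
function loadFormDefinitionUnsafe(string $yaml)
{
    return yaml_parse($yaml);
}

// Hardened loader: turn object decoding off for this process and refuse
// any document that carries a PHP-specific tag, so the parser never sees
// a !php/object value even if the ini setting were to be flipped back.
function loadFormDefinitionSafe(string $yaml)
{
    if (ini_set('yaml.decode_php', '0') === false) {
        throw new \RuntimeException('cannot disable yaml.decode_php at runtime');
    }
    if (preg_match('/!+php\//i', $yaml) === 1) {
        throw new \InvalidArgumentException('PHP-specific YAML tags are not allowed in form definitions');
    }
    return yaml_parse($yaml);
}

if (!extension_loaded('yaml')) {
    fwrite(STDERR, "PECL yaml extension not loaded; nothing to demonstrate\n");
    exit(0);
}

// Constructed payload: serialize() a Demo so the string is valid for this
// class, then embed it the way an attacker would in a form definition.
$gadget = new Demo();
$gadget->cmd = 'id';
$maliciousYaml = "identifier: contact\n"
    . "label: !php/object '" . serialize($gadget) . "'\n";

$benignYaml = "identifier: contact\nlabel: Contact form\n";

// 1. Host configured as the advisory describes (setting enabled).
ini_set('yaml.decode_php', '1');
$parsed = loadFormDefinitionUnsafe($maliciousYaml);
echo 'unsafe loader, decode_php=1: object created? ',
    containsObject($parsed) ? 'yes' : 'no', "\n";
if (is_array($parsed) && isset($parsed['label']) && $parsed['label'] instanceof Demo) {
    echo '  ', implode('; ', $parsed['label']->events), "\n";
}

// 2. Hardened loader rejects the same document before it is parsed.
try {
    loadFormDefinitionSafe($maliciousYaml);
} catch (\InvalidArgumentException $e) {
    echo 'safe loader: rejected (', $e->getMessage(), ")\n";
}

// 3. Hardened loader still parses an ordinary definition, without objects.
$parsed = loadFormDefinitionSafe($benignYaml);
echo 'safe loader, benign document: object created? ',
    containsObject($parsed) ? 'yes' : 'no', "\n";
```

The tag check is deliberately kept alongside the ini_set() call: the setting is the real control, but a loader that also refuses `!php/` tags keeps working as intended on a host where the ini value is later changed, and it makes the rejection visible in logs rather than silently returning a string where the caller expected structured data.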


WAF Protection Rules

WAF Rule

It has been discovered that the Form Framework (system extension "form") is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package "yaml", which is capable of unserializing YAML contents to PHP objects. A valid ba
