
GHSA-95qm-3xp7-vfj5: TYPO3 Cross-Site Scripting in Form Framework validation handling

CVSS Score: 6.1 (CVSS v3.1)

Basic Information

CVE ID: -
EPSS Score: -
Published: 5/30/2024
Updated: 5/30/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name    | Ecosystem | Vulnerable Versions  | First Patched Version
typo3/cms-core  | composer  | >= 8.0.0, < 8.7.30   | 8.7.30
typo3/cms-core  | composer  | >= 9.0.0, < 9.5.12   | 9.5.12
typo3/cms-core  | composer  | >= 10.0.0, < 10.2.1  | 10.2.1

Sites on any of these branches should upgrade to the listed first patched release (or later); `composer show typo3/cms-core` reports the installed version.

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from improper output encoding in the Form Framework's validation error handling. TYPO3's Form Framework uses ValidationResultsViewHelper to display validation errors and AbstractElementRenderer for element-level error rendering. Both components emit validation messages that can carry user-controlled content, but neither applied context-aware (HTML) escaping before placing that content in the rendered page, so a crafted form submission is reflected back to the browser as markup. This is the pattern described in CWE-79 (Improper Neutralization of Input During Web Page Generation) and matches TYPO3's architecture, in which ViewHelpers and renderers produce the frontend output. The analysis's high confidence rests on the direct correspondence between these components' responsibilities and the advisory's focus on validation error output. The CVSS vector (AV:N, UI:R, S:C) is consistent with reflected XSS: a victim has to submit or open a crafted request, and the injected script runs in the victim's browser rather than in the vulnerable application itself.
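The following is an added illustration of the pattern described above, not TYPO3 code: the class and function names (ValidationError, renderValidationErrorsUnsafe, renderValidationErrorsSafe, escapeHtml) are hypothetical stand-ins for a ViewHelper or renderer that turns validation results into HTML. It shows a validation message that interpolates the rejected input, the vulnerable rendering that writes the message raw, and the hardened rendering that escapes at the output boundary. The submitted payload and the message template are constructed sample data.

```php
<?php
declare(strict_types=1);

// Added illustration, not TYPO3 code: a validation error whose message embeds
// user-submitted data becomes reflected XSS when the renderer writes it into
// HTML unescaped. Class and function names are hypothetical stand-ins for the
// ViewHelper/renderer pattern described in the root cause analysis. PHP 8.0+.

/** A validation error: a message template plus the arguments interpolated into it. */
final class ValidationError
{
    public function __construct(
        private string $template,   // e.g. "'%s' is not a valid email address."
        private array $arguments    // typically includes the rejected input value
    ) {
    }

    /** The human-readable message with arguments substituted. Still untrusted text. */
    public function getMessage(): string
    {
        return vsprintf($this->template, $this->arguments);
    }
}

/** Escape for an HTML text node or a quoted attribute value. */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/**
 * Vulnerable pattern: the interpolated message is trusted and written raw,
 * so any markup inside the rejected value reaches the browser as markup.
 *
 * @param ValidationError[] $errors
 */
function renderValidationErrorsUnsafe(array $errors): string
{
    $items = '';
    foreach ($errors as $error) {
        $items .= '<li>' . $error->getMessage() . '</li>';   // no escaping
    }
    return '<ul class="error">' . $items . '</ul>';
}

/**
 * Hardened pattern: escape at the output boundary, after interpolation, so the
 * template text and every argument are encoded for the HTML context they land in.
 *
 * @param ValidationError[] $errors
 */
function renderValidationErrorsSafe(array $errors): string
{
    $items = '';
    foreach ($errors as $error) {
        $items .= '<li>' . escapeHtml($error->getMessage()) . '</li>';
    }
    return '<ul class="error">' . $items . '</ul>';
}

// Constructed sample: the attacker submits a payload in an "email" field, the
// validator rejects it, and the error message echoes the value back.
$submitted = '<img src=x onerror=alert(document.domain)>';
$errors = [new ValidationError("'%s' is not a valid email address.", [$submitted])];

$unsafe = renderValidationErrorsUnsafe($errors);
$safe   = renderValidationErrorsSafe($errors);

echo "Unsafe: {$unsafe}\n";
echo "Safe:   {$safe}\n";

// Self-check: the raw tag survives in the unsafe output and is neutralised in the safe one.
$ok = str_contains($unsafe, '<img src=x onerror=')
    && !str_contains($safe, '<img')
    && str_contains($safe, '&lt;img src=x onerror=alert(document.domain)&gt;');
exit($ok ? 0 : 1);
```

Run it with `php example.php`; it exits 0 when the hardened renderer has neutralised the payload. The point of escaping after interpolation rather than before is that the template text and every argument end up encoded for the same context, so a message argument cannot reopen a tag. When auditing real TYPO3 templates, note that Fluid escapes `{variable}` output by default, so the places to look are where escaping is switched off (for example `f:format.raw`) or where a ViewHelper or renderer assembles HTML strings in PHP; this page does not state which of those applied to this advisory.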


WAF Protection Rules

WAF Rule

It has been discovered that the output of field validation errors in the form framework is vulnerable to cross-site scripting.
