TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism

High severity GitHub Reviewed Published May 17, 2022 to the GitHub Advisory Database • Updated Feb 7, 2024

Package

typo3/cms (Composer)

Affected versions

>= 4.2.0, < 4.2.15
>= 4.3.0, < 4.3.7
>= 4.4.0, < 4.4.4

Patched versions

4.2.15
4.3.7
4.4.4

Description

The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.

References

Published by the National Vulnerability Database Oct 25, 2010
Published to the GitHub Advisory Database May 17, 2022
Reviewed Feb 7, 2024
Last updated Feb 7, 2024

Severity

High

EPSS score

8.517%
(95th percentile)

Weaknesses

CVE ID

CVE-2010-3714

GHSA ID

GHSA-w736-qv86-vq94

Source code
