{ "id": "CVE-2024-55923", "sourceIdentifier": "security-advisories@github.com", "published": "2025-01-14T20:15:30.197", "lastModified": "2025-01-14T20:15:30.197", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cIndexed Search Module\u201d allows attackers to delete items of the component. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. There are no known workarounds for this issue." }, { "lang": "es", "value": "TYPO3 es un framework gestor de contenidos gratuito y de c\u00f3digo abierto. Se ha identificado una vulnerabilidad en la funcionalidad de la interfaz de usuario del backend que implica enlaces profundos. En concreto, esta funcionalidad es susceptible a Cross-Site Request Forgery (CSRF). Adem\u00e1s, las acciones de cambio de estado en los componentes posteriores aceptaron incorrectamente los env\u00edos a trav\u00e9s de HTTP GET y no aplicaron el m\u00e9todo HTTP adecuado. Para explotar con \u00e9xito esta vulnerabilidad, la v\u00edctima debe tener una sesi\u00f3n activa en la interfaz de usuario del backend y ser enga\u00f1ada para que interact\u00fae con una URL maliciosa dirigida al backend, lo que puede ocurrir en las siguientes condiciones: El usuario abre un enlace malicioso, como uno enviado por correo electr\u00f3nico. El usuario visita un sitio web comprometido o manipulado mientras las siguientes configuraciones est\u00e1n mal configuradas: 1. La funci\u00f3n `security.backend.enforceReferrer` est\u00e1 deshabilitada, 2. La configuraci\u00f3n `BE/cookieSameSite` est\u00e1 establecida en lax o ninguna. La vulnerabilidad en el componente posterior afectado \"M\u00f3dulo de b\u00fasqueda indexada\" permite a los atacantes eliminar elementos del componente. Se recomienda a los usuarios que actualicen a las versiones 11.5.42 ELTS, 12.4.25 LTS y 13.4.3 LTS de TYPO3, que solucionan el problema descrito. No se conocen Workarounds para este problema." } ], "metrics": { "cvssMetricV31": [ { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 } ] }, "weaknesses": [ { "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-352" }, { "lang": "en", "value": "CWE-749" } ] } ], "references": [ { "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7r5q-4qgx-v545", "source": "security-advisories@github.com" }, { "url": "https://typo3.org/security/advisory/typo3-core-sa-2025-008", "source": "security-advisories@github.com" } ] }