CVE-2021-21338

23.03.2021, 02:15

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.

Open Redirect

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.7 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
GitHub_M	CNA	4.7 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Vendor	Product	Version
typo3	typo3	6.2.0 ≤ 𝑥 < 6.2.57
typo3	typo3	7.0.0 ≤ 𝑥 < 7.6.51
typo3	typo3	8.0.0 ≤ 𝑥 < 8.7.40
typo3	typo3	9.0.0 ≤ 𝑥 < 9.5.25
typo3	typo3	10.0.0 ≤ 𝑥 < 10.4.14
typo3	typo3	11.0.0 ≤ 𝑥 < 11.1.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References

https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp

https://packagist.org/packages/typo3/cms-core

https://typo3.org/security/advisory/typo3-core-sa-2021-001

https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp

https://packagist.org/packages/typo3/cms-core

https://typo3.org/security/advisory/typo3-core-sa-2021-001