TYPO3-20081113-1: Cross-Site Scripting vulnerability in TYPO3 Core

Categories: TYPO3 CMS
It has been discovered that the backend module "file" is vulnerable to Cross-Site Scripting (XSS).

Component Type: TYPO3 Core

Affected Version: TYPO3 version 4.2.2

Vulnerability Type: Cross Site Scripting

Vulnerability: Backend module "file" is susceptible to Cross-Site Scripting.

Severity: Low

Problem Description: Failing to filter user input, the module is susceptible to Cross-Site Scripting making it possible to execute arbitrary JavaScript.

Note: Exploiting this vulnerability will either require background knowledge of the the web folder structure of the TYPO3 hosting or a backend user account with access to the file module. This vulnerability can be exploited to execute arbitrary JavaScript by tricking a logged-in BE user into following a specially crafted link. TYPO3 versions below 4.2.2 are not vulnerable!

Solution: Update to TYPO3 version 4.2.3 that fixes the issue described.

Credits: Credits go to TYPO3 Security Team member Marcus Krause who reported the issue. The TYPO3 Security Team also wishes to thank Marcus Krause for fixing the issue in cooperation with the core team member Ingo Renner.