- Component Type: TYPO3 CMS
- Subcomponent: Site Configuration, YAML File Loader (ext:core)
- Release Date: December 13, 2022
- Vulnerability Type: Sensitive Information Disclosure
- Affected Versions: 9.0.0-9.5.37, 10.0.0-10.4.32, 11.0.0-11.5.19, 12.0.0-12.1.0
- Severity: Medium
- Suggested CVSS: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C
- References: CVE-2022-23504, CWE-200, CWE-917
Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors.
A valid backend user account having administrator privileges is needed to exploit this vulnerability.
Update to TYPO3 versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1 that fix the problem described above.
Thanks to TYPO3 core & security team member Oliver Hader who reported and fixed the issue.
All security related code changes are tagged so that you can easily look them up in our review system.