GSD-2020-26227

Vulnerability from gsd - Updated: 2023-12-13 01:22
Details
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.
Aliases
Aliases
CVE-2020-26227
To clipboard 

{
  "GSD": {
    "alias": "CVE-2020-26227",
    "description": "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
    "id": "GSD-2020-26227"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-26227"
      ],
      "details": "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.",
      "id": "GSD-2020-26227",
      "modified": "2023-12-13T01:22:08.600160Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2020-26227",
        "STATE": "PUBLIC",
        "TITLE": "Cross-Site Scripting in Fluid view helpers"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "TYPO3.CMS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003e= 9.0.0, \u003c 9.5.23"
                        },
                        {
                          "version_value": "\u003e= 10.0.0, \u003c 10.4.10"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "TYPO3"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
            "refsource": "CONFIRM",
            "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf"
          },
          {
            "name": "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
            "refsource": "MISC",
            "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-vqqx-jw6p-q3rf",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=6.2.0,\u003c6.2.54||\u003e=7.6.0,\u003c7.6.48||\u003e=8.7.0,\u003c8.7.38|| \u003e=9.0.0,\u003c9.5.23||\u003e=10.0.0,\u003c10.4.10",
          "affected_versions": "All versions starting from 6.2.0 before 6.2.54, all versions starting from 7.6.0 before 7.6.48, all versions starting from 8.7.0 before 8.7.38, all versions starting from 9.0.0 before 9.5.23, all versions starting from 10.0.0 before 10.4.10",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2020-12-01",
          "description": "TYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers.",
          "fixed_versions": [
            "9.5.23",
            "10.4.10"
          ],
          "identifier": "CVE-2020-26227",
          "identifiers": [
            "CVE-2020-26227",
            "GHSA-vqqx-jw6p-q3rf"
          ],
          "not_impacted": "All versions before 6.2.0, all versions starting from 6.2.54 before 7.6.0, all versions starting from 7.6.48 before 8.7.0, all versions starting from 8.7.38 before 9.0.0, all versions starting from 9.5.23 before 10.0.0, all versions starting from 10.4.10",
          "package_slug": "packagist/typo3/cms-core",
          "pubdate": "2020-11-23",
          "solution": "Upgrade to versions 9.5.23, 10.4.10 or above.",
          "title": "Cross-site Scripting",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26227",
            "https://typo3.org/security/advisory/typo3-core-sa-2020-010"
          ],
          "uuid": "57a40912-4c3b-4800-a2b1-bd6a3721b253"
        },
        {
          "affected_range": "\u003e=6.2.0,\u003c6.2.54||\u003e=7.6.0,\u003c7.6.48||\u003e=8.7.0,\u003c8.7.38|| \u003e=9.0.0,\u003c9.5.23||\u003e=10.0.0,\u003c10.4.10",
          "affected_versions": "All versions starting from 6.2.0 before 6.2.54, all versions starting from 7.6.0 before 7.6.48, all versions starting from 8.7.0 before 8.7.38, all versions starting from 9.0.0 before 9.5.23, all versions starting from 10.0.0 before 10.4.10",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2020-12-01",
          "description": "TYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 that fix the problem described.",
          "fixed_versions": [
            "7.0.0",
            "8.0.0",
            "9.5.23",
            "10.4.10"
          ],
          "identifier": "CVE-2020-26227",
          "identifiers": [
            "CVE-2020-26227",
            "GHSA-vqqx-jw6p-q3rf"
          ],
          "not_impacted": "All versions before 6.2.0, all versions starting from 6.2.54 before 7.6.0, all versions starting from 7.6.48 before 8.7.0, all versions starting from 8.7.38 before 9.0.0, all versions starting from 9.5.23 before 10.0.0, all versions starting from 10.4.10",
          "package_slug": "packagist/typo3/cms",
          "pubdate": "2020-11-23",
          "solution": "Upgrade to versions 7.0.0, 8.0.0, 9.5.23, 10.4.10 or above.",
          "title": "Cross-site Scripting",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26227",
            "https://typo3.org/security/advisory/typo3-core-sa-2020-010"
          ],
          "uuid": "1fd49b41-9986-4f5e-a395-018f39c05a63"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2.54",
                "versionStartIncluding": "6.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.6.48",
                "versionStartIncluding": "7.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.7.38",
                "versionStartIncluding": "8.7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.5.23",
                "versionStartIncluding": "9.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.4.10",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-26227"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf"
            },
            {
              "name": "https://typo3.org/security/advisory/typo3-core-sa-2020-010",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2020-12-01T21:24Z",
      "publishedDate": "2020-11-23T21:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.