PT-2015-4253 · Typo3 · Typo3

Gernot Leitgab · Published 2015-01-04 · Updated 2022-05-17 · CVE-2014-9508

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
TYPO3 versions 4.5.x through 4.5.38
TYPO3 versions 4.6.x through 6.2.x before 6.2.9
TYPO3 versions 7.x before 7.0.2

Description
The frontend rendering component in TYPO3 allows remote attackers to change URLs to arbitrary domains for links that only contain anchors, when config.prefixLocalAnchors is set and the homepage contains such links. This can be achieved by forging a request that modifies these links. The vulnerability also depends on URL rewriting being enabled in the web server, which is typically the case when extensions such as realurl or cooluri are used. Installations where config.absRefPrefix is set are not affected.

Recommendations
For TYPO3 versions 4.5.x through 4.5.38, update to version 4.5.39 or later.
For TYPO3 versions 4.6.x through 6.2.x before 6.2.9, update to version 6.2.9 or later.
For TYPO3 versions 7.x before 7.0.2, update to version 7.0.2 or later.
As a temporary workaround, consider disabling the config.prefixLocalAnchors option until a patch is available. Restrict access to the homepage of the TYPO3 installation to minimize the risk of exploitation, especially when URL rewriting is enabled.
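Two defender-side checks, as an added example that is not code from TYPO3 or from this advisory: a version-range test for the affected ranges listed above, and an audit of rendered HTML for anchor-only links that have been prefixed with a host other than the site's own. The hostnames and the HTML sample are constructed, and version strings are assumed to be plain dotted numbers.

```python
"""Added example (not TYPO3 project code): two checks for CVE-2014-9508."""
from html.parser import HTMLParser
from urllib.parse import urlsplit


def is_affected(version):
    """True if a dotted TYPO3 version falls in a range the advisory lists."""
    v = tuple(int(p) for p in version.split("."))
    if v[:2] == (4, 5):
        return v < (4, 5, 39)          # 4.5.x through 4.5.38
    if (4, 6) <= v[:2] <= (6, 2):
        return v < (6, 2, 9)           # 4.6.x through 6.2.x before 6.2.9
    if v[0] == 7:
        return v < (7, 0, 2)           # 7.x before 7.0.2
    return False


class _LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in a rendered page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def find_foreign_anchor_links(html, expected_hosts):
    """Return anchor links (href carrying a #fragment) whose host is not in
    expected_hosts. A prefixed local anchor may only point at the site's
    own host; any other host is the symptom the advisory describes. Bare
    "#top" and relative "/page#top" have no host and are accepted."""
    collector = _LinkCollector()
    collector.feed(html)
    hosts = {h.lower() for h in expected_hosts}
    flagged = []
    for href in collector.hrefs:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        if parts.fragment and host and host not in hosts:
            flagged.append(href)
    return flagged


# Constructed sample of a rendered homepage (not captured from a real site).
SAMPLE_HTML = """
<a href="#top">Top</a>
<a href="/#contact">Contact</a>
<a href="https://www.example.org/#contact">Contact</a>
<a href="http://attacker.invalid/#contact">Contact</a>
<a href="https://partner.invalid/news/">Partner news</a>
"""
```

Run the audit against a fetched homepage after patching (or after disabling config.prefixLocalAnchors) to confirm no anchor link is rewritten to a foreign host; a normal external link without a fragment is deliberately not reported.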

Weakness Enumeration

Link Following

Related identifiers

CVE-2014-9508
GHSA-V6XV-RMQC-WCC8

Affected products

Typo3