Gabriel Dimitrov

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while the `security.backend.enforceReferrer` feature is disabled or the `BE/cookieSameSite` configuration is set to `lax` or `none`. The vulnerability in the affected downstream component "Log Module" allows attackers to remove log entries. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem described. Update to TYPO3 version 12.4.25 LTS to fix the problem described. Update to TYPO3 version 13.4.3 LTS to fix the problem described.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while specific settings are misconfigured, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration being set to lax or none. The vulnerability in the affected downstream component "Backend User Module" allows attackers to initiate password resets for other backend users or to terminate their user sessions. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to resolve the issue. Update to TYPO3 version 12.4.25 LTS to resolve the issue. Update to TYPO3 version 13.4.3 LTS to resolve the issue. As a temporary workaround, consider enabling the `security.backend.enforceReferrer` feature and setting the `BE/cookieSameSite` configuration to a more secure value to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while specific settings are misconfigured, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration being set to lax or none. The vulnerability in the affected downstream component "Dashboard Module" allows attackers to manipulate the victim's dashboard configuration. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem described. Update to TYPO3 version 12.4.25 LTS to fix the problem described. Update to TYPO3 version 13.4.3 LTS to fix the problem described.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website with misconfigured settings, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration set to lax or none. The vulnerability in the affected downstream component “Extension Manager Module” allows attackers to retrieve and install 3rd party extensions from the TYPO3 Extension Repository, potentially leading to remote code execution. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem described. Update to TYPO3 version 12.4.25 LTS to fix the problem described. Update to TYPO3 version 13.4.3 LTS to fix the problem described. As a temporary workaround, consider disabling the `security.backend.enforceReferrer` feature and setting the `BE/cookieSameSite` configuration to a more secure value until a patch is available. Restrict access to the vulnerable “Extension Manager Module” to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while specific settings are misconfigured, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration being set to `lax` or `none`. The vulnerability in the affected downstream component "Form Framework Module" allows attackers to manipulate or delete persisted form definitions. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem. Update to TYPO3 version 12.4.25 LTS to fix the problem. Update to TYPO3 version 13.4.3 LTS to fix the problem. As a temporary workaround, consider disabling the `security.backend.enforceReferrer` feature and setting the `BE/cookieSameSite` configuration to a more secure value until a patch is available. Restrict access to the vulnerable "Form Framework Module" to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while specific settings are misconfigured, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration being set to `lax` or `none`. The vulnerability in the affected downstream component "Indexed Search Module" allows attackers to delete items of the component. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem. Update to TYPO3 version 12.4.25 LTS to fix the problem. Update to TYPO3 version 13.4.3 LTS to fix the problem. As a temporary workaround, consider disabling the `security.backend.enforceReferrer` feature and setting the `BE/cookieSameSite` configuration to a more secure value until a patch is available. Restrict access to the vulnerable "Indexed Search Module" component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website while specific settings are misconfigured, such as the `security.backend.enforceReferrer` feature being disabled or the `BE/cookieSameSite` configuration being set to lax or none. The vulnerability in the affected downstream component “Scheduler Module” allows attackers to trigger pre-defined command classes, potentially leading to unauthorized import or export of data. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem described. As a temporary workaround, consider restricting access to the vulnerable `Scheduler Module` until the update is applied. Additionally, ensure that the `security.backend.enforceReferrer` feature is enabled and the `BE/cookieSameSite` configuration is set to a secure value to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 11.5.42 ELTS **Description** A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend. This can occur when the user opens a malicious link or visits a compromised website with misconfigured settings, such as disabled `security.backend.enforceReferrer` feature or `BE/cookieSameSite` configuration set to `lax` or `none`. The vulnerability in the affected downstream component "DB Check Module" allows attackers to manipulate data through unauthorized actions. **Recommendations** Update to TYPO3 version 11.5.42 ELTS to fix the problem described. As a temporary workaround, consider disabling the `security.backend.enforceReferrer` feature and setting `BE/cookieSameSite` configuration to a more secure value until the update is applied. Restrict access to the "DB Check Module" to minimize the risk of exploitation. Avoid using HTTP GET for state-changing actions in downstream components until the issue is resolved.