Mirko Richter

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 10.4.46 ELTS TYPO3 versions prior to 11.5.40 LTS TYPO3 versions prior to 12.4.21 LTS TYPO3 versions prior to 13.3.1 **Description** The issue allows for denial of service, causing an interface error in the Bookmark Toolbar, which can be exploited by an administrator-level backend user account through manipulated data saved in the bookmark toolbar of the backend user interface. This is due to insufficient input validation, leading to a general error state that blocks further access to the interface. **Recommendations** Update to version 10.4.46 ELTS Update to version 11.5.40 LTS Update to version 12.4.21 LTS Update to version 13.3.1

**Name of the Vulnerable Software and Affected Versions** Vaultwarden (formerly Bitwarden RS) version 1.30.3 **Description** A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate their privileges by changing the access level and modifying the wait time. Consequently, the attacker can gain full control over the vault while bypassing the necessary wait period. **Recommendations** For Vaultwarden (formerly Bitwarden RS) version 1.30.3, consider disabling the emergency access feature until a patch is available to prevent privilege escalation. Restrict access to the endpoint responsible for altering the metadata of an emergency access to minimize the risk of exploitation. Avoid using the emergency access feature in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vaultwarden (formerly Bitwarden RS) version 1.30.3 **Description** An issue was discovered in Vaultwarden, which lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs, and the departing member retains a copy of the organization key. The application also fails to adequately protect some encrypted data stored on the server, allowing an authenticated user to gain unauthorized access to encrypted data of any organization, even if the user is not a member of the targeted organization, provided they know the corresponding organizationId. **Recommendations** For Vaultwarden version 1.30.3, consider implementing a proper offboarding process to rotate the shared organization key when a member departs, and ensure that access to encrypted data is properly revoked for departing members. As a temporary workaround, restrict access to the encrypted data stored on the server to minimize the risk of exploitation. Additionally, consider disabling the feature that allows authenticated users to access encrypted data of other organizations until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vaultwarden (formerly Bitwarden RS) version 1.30.3 **Description** A stored cross-site scripting (XSS) or HTML injection issue has been discovered in the admin dashboard. This potentially allows an authenticated attacker to inject malicious code into the dashboard, which is then executed or rendered in the context of an administrator's browser when viewing the injected content. The default Content Security Policy (CSP) of the application blocks most exploitation paths, significantly mitigating the potential impact. **Recommendations** For version 1.30.3, consider disabling access to the admin dashboard until a patch is available to prevent potential exploitation. Restrict the use of the vulnerable component in the admin dashboard to minimize the risk of malicious code injection.