Typo3 Association · Typo3/Cms · CVE-2026-49740
**Name of the Vulnerable Software and Affected Versions**
TYPO3 CMS versions prior to 10.4.57
TYPO3 CMS versions 11.0.0 through 11.5.51
TYPO3 CMS versions 12.0.0 through 12.4.46
TYPO3 CMS versions 13.0.0 through 13.4.31
TYPO3 CMS versions 14.0.0 through 14.3.3
**Description**
The cache frontend (VariableFrontend) and persistent key-value store (Registry) deserialize PHP payloads without integrity validation or class restrictions. An attacker with write access to the underlying storage backend, such as the file system or the `sys_registry` database table, can inject a crafted serialized payload to trigger PHP Object Injection. This may allow the exploitation of a gadget chain to achieve Remote Code Execution.
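The two controls the description names as missing, integrity validation and class restrictions, are shown below as an added PHP example. It is not TYPO3's code or its patch; `sealValue`, `openValue` and the key are hypothetical names, and the key is assumed to live outside the storage backend being protected.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration, not TYPO3 API.
// Assumption: $key is an application secret that is NOT stored in the
// same backend (file system, database table) as the serialized values.

function sealValue(mixed $value, string $key): string
{
    $payload = serialize($value);
    // Prefix the payload with a 64-hex-character HMAC-SHA256 tag.
    return hash_hmac('sha256', $payload, $key) . ':' . $payload;
}

function openValue(string $stored, string $key): mixed
{
    if (strlen($stored) < 65 || $stored[64] !== ':') {
        throw new RuntimeException('Malformed stored value');
    }
    $mac = substr($stored, 0, 64);
    $payload = substr($stored, 65);
    // Integrity validation: constant-time compare before any deserialization.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $mac)) {
        throw new RuntimeException('Integrity check failed');
    }
    // Class restriction: objects decode as __PHP_Incomplete_Class instead of
    // being instantiated, so no class's magic methods run.
    $value = unserialize($payload, ['allowed_classes' => false]);
    if ($value === false && $payload !== serialize(false)) {
        throw new RuntimeException('Undecodable payload');
    }
    return $value;
}

// Constructed sample data.
$key = 'constructed-demo-key';
$stored = sealValue(['lastRun' => 1700000000, 'state' => 'ok'], $key);
var_dump(openValue($stored, $key));

// Simulate a direct write to the backend that swaps the payload
// while leaving the old tag in place.
$tampered = substr($stored, 0, 65) . serialize(new stdClass());
try {
    openValue($tampered, $key);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Either control alone narrows the issue; the tag stops a storage-level write from being trusted at all, and `allowed_classes` limits what a payload that does get through can instantiate.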
**Recommendations**
Update to version 10.4.57 or later.
Update to version 11.5.52 or later.
Update to version 12.4.47 or later.
Update to version 13.4.32 or later.
Update to version 14.3.4 or later.