CVE-2024-25121

Name of the Vulnerable Software and Affected Versions TYPO3 versions prior to 8.7.57 ELTS TYPO3 versions prior to 9.5.46 ELTS TYPO3 versions prior to 10.4.43 ELTS TYPO3 versions prior to 11.5.35 LTS TYPO3 versions prior to 12.4.11 LTS TYPO3 versions prior to 13.0.1

Description In affected versions of TYPO3, entities of the File Abstraction Layer (FAL) could be persisted directly via DataHandler. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage ("zero-storage") is used as a backward compatibility layer for files located outside properly configured file storages and within the public web root directory. Exploiting this issue requires a valid backend user account.

Recommendations Update to TYPO3 version 8.7.57 ELTS or later. Update to TYPO3 version 9.5.46 ELTS or later. Update to TYPO3 version 10.4.43 ELTS or later. Update to TYPO3 version 11.5.35 LTS or later. Update to TYPO3 version 12.4.11 LTS or later. Update to TYPO3 version 13.0.1 or later. As a temporary workaround, consider restricting access to the DataHandler and limiting the ability to persist entities of the File Abstraction Layer directly. When importing data from secure origins, explicitly enable it in the corresponding DataHandler instance by using $dataHandler->isImporting = true;.