PT-2024-25956 · Typo3 · Typo3
Hendrik Eichner +1 · Published 2024-10-08 · Updated 2026-02-05 · CVE-2024-34537
CVSS v3.1: 4.9 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TYPO3 versions prior to 10.4.46 ELTS
TYPO3 versions prior to 11.5.40 LTS
TYPO3 versions prior to 12.4.21 LTS
TYPO3 versions prior to 13.3.1
Description
Insufficient input validation in the Bookmark Toolbar of the backend user interface allows denial of service. An administrator-level backend user account can exploit the issue through manipulated data saved in the bookmark toolbar, which causes an interface error and leads to a general error state that blocks further access to the interface.
Recommendations
Update to version 10.4.46 ELTS
Update to version 11.5.40 LTS
Update to version 12.4.21 LTS
Update to version 13.3.1
Affected Products
Typo3