Improperly Controlled Modification of Dynamically-Determined Object Attributes in TYPO3 CMS
CVE-2020-11066

8.7HIGH

Key Information:

Vendor: Typo3
Status: Typo3 Cms
Vendor: CVE Published:; 14 May 2020

What is CVE-2020-11066?

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, calling unserialize() on malicious user-submitted content can lead to modification of dynamically-determined object attributes and result in triggering deletion of an arbitrary directory in the file system, if it is writable for the web server. It can also trigger message submission via email using the identity of the web site (mail relay). Another insecure deserialization vulnerability is required to actually exploit mentioned aspects. This has been fixed in 9.5.17 and 10.4.2.

Affected Version(s)

TYPO3 CMS >= 9.0.0, < 9.5.17 < 9.0.0, 9.5.17

TYPO3 CMS >= 10.0.0, < 10.4.2 < 10.0.0, 10.4.2

References

https://github.com/TYPO3/TYPO3.CMS/security/advisories/GH...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 14, 2020
Vulnerability Reserved
Mar 30, 2020

Typo3

What is CVE-2020-11066?

Affected Version(s)

References

CVSS V3.1

Timeline