CVE-2018-14609 is a security issue with TYPO3 that has been resolved in version 10.4.32. This issue is XSS and is present in the `FileDumpController`. A valid backend user account is needed to exploit this vulnerability. Update to TYPO3 version 10.4.32 ELTS, 11.5.16 ELTS, 12.5.5 ELTS, 12.7.3 ELTS, 13.0.0 ELTS, 13.1.0 ELTS, 13.2.0 ELTS, 14.0.0 ELTS, 14.1.0 ELTS, 14.2.0 ELTS, 15.0.0 ELTS, 15.1.0 ELTS, 15.2.0 ELTS, 16.0.0 ELTS, 16.1.0 ELTS, 16.2.0 ELTS, 17.0.0 ELTS, 17.1.0 ELTS, 17.2.0 ELTS, 18.0.0 ELTS, 18.1.0 ELTS, 18.2.0 ELTS, 19.0.0 ELTS, 19.1.0 ELTS, 19.2.0 ELTS, 20.0.0 ELTS, 20.1.0 ELTS, 20.2.0 ELTS, 21.0.0 ELTS, 21.1.0 ELTS,
Vulnerability Details
CVE-2022-36107: TYPO3 FileDumpController
Type: XSS
Status: Resolved
CVE-2018-14609: TYPO3 FileDumpController
Type: XSS
Why is the TYPO3 Security Team publishing a security alert?
It is recommended that you update to TYPO3 version 10.4.32 ELTS, 11.5.16 ELTS, 12.5.5 ELTS, 12.7.3 ELTS, 13.0.0 ELTS, 13.1.0 ELTS, 13.2.0 ELTS, 14.0.0 ELTS, 14.1.0 ELTS, 14
Timeline
Published on: 09/13/2022 18:15:00 UTC
Last modified on: 09/16/2022 14:24:00 UTC