CVE-2021-21338

URL Redirection to Untrusted Site (Open Redirect) in packagist/typo3/cms-core

Identifier

CVE-2021-21338

Package Slug

packagist/typo3/cms-core

Vulnerability

URL Redirection to Untrusted Site (Open Redirect)

Description

Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.

Affected Versions

All versions starting from 6.2.0 before 6.2.57, all versions starting from 7.0.0 before 7.6.51, all versions starting from 8.0.0 before 8.7.40, all versions starting from 9.0.0 before 9.5.25, all versions starting from 10.0.0 before 10.4.14, all versions starting from 11.0.0 before 11.1.1

Solution

Upgrade to versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 or above.

Last Modified

2021-03-29

source