CVE-2021-41113

Cross-Site Request Forgery (CSRF) in packagist/typo3/cms-core

Identifier

CVE-2021-41113

Package Slug

packagist/typo3/cms-core

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery.

Affected Versions

All versions starting from 11.2.0 before 11.5.0

Solution

Upgrade to version 11.5.0 or above.

Last Modified

2021-10-10

source