CVE-2021-41114

Improper Input Validation in packagist/typo3/cms-core

Identifier

CVE-2021-41114

Package Slug

packagist/typo3/cms-core

Vulnerability

Improper Input Validation

Description

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header.

Affected Versions

All versions starting from 11.0.0 before 11.5.0

Solution

Upgrade to version 11.5.0 or above.

Last Modified

2021-10-10

source