CVE-2023-35782: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
(updated )
The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection.
References
- github.com/FriendsOfPHP/security-advisories/blob/master/in2code/ipandlanguageredirect/CVE-2023-35782.yaml
- github.com/advisories/GHSA-4xf2-7qfv-mgfx
- github.com/einpraegsam/ipandlanguageredirect/commit/d80eb99e739a09984ad0ea94b12380236346ae42
- nvd.nist.gov/vuln/detail/CVE-2023-35782
- typo3.org/security/advisory/typo3-ext-sa-2023-005
Detect and mitigate CVE-2023-35782 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →