CVE-2021-41113: Cross-Site Request Forgery (CSRF)

October 5, 2021 (updated October 9, 2021)

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery.

References

nvd.nist.gov/vuln/detail/CVE-2021-41113
typo3.org/security/advisory/typo3-core-sa-2020-006

Code Behaviors & Features

Detect and mitigate CVE-2021-41113 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →