Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1wNnh4LWZoZnctN21qN84AA3v7
Configuration Injection in extension "Direct Mail" (direct_mail)
The “Configuration” backend module of the extension allows an authenticated user to write arbitrary page TSConfig for folders configured as “Direct Mail”. Exploiting the vulnerability may lead to Configuration Injection (TYPO3 10.4 and above) and to Arbitrary Code Execution (TYPO3 9.5 and below).
A valid backend user account having access to the Direct Mail "Configuration" backend module is needed in order to exploit this vulnerability.
Permalink: https://github.com/advisories/GHSA-p6xx-fhfw-7mj7JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wNnh4LWZoZnctN21qN84AA3v7
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 12 months ago
Updated: 12 months ago
CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-p6xx-fhfw-7mj7, CVE-2023-50461
References:
- https://github.com/FriendsOfPHP/security-advisories/blob/master/directmailteam/direct-mail/CVE-2023-50461.yaml
- https://typo3.org/security/advisory/typo3-ext-sa-2023-011
- https://github.com/advisories/GHSA-p6xx-fhfw-7mj7
Affected Packages
packagist:directmailteam/direct-mail
Dependent packages: 3Dependent repositories: 3
Downloads: 178,211 total
Affected Version Ranges: < 6.0.3, >= 7.0.0, < 7.0.3, >= 8.0.0, < 9.5.2
Fixed in: 6.0.3, 7.0.3, 9.5.2
All affected versions: 5.0.1, 5.1.0, 5.1.1, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 6.0.0, 6.0.1, 6.0.2, 7.0.0, 7.0.1, 7.0.2, 9.0.0, 9.0.1, 9.0.2, 9.1.1, 9.1.2, 9.1.3, 9.2.0, 9.2.1, 9.2.2, 9.3.0, 9.4.0, 9.5.0, 9.5.1
All unaffected versions: 6.0.4, 7.0.3, 9.5.2