Bug #20059

closed

XSS vulnerability in sysext install

Added by Marcus Krause almost 16 years ago. Updated over 14 years ago.

Status:
Closed
Priority:
Should have
Category:
Install Tool
Target version:
-
Start date:
2009-02-20
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.0
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

The Install Tool is susceptible to Cross-Site Scripting.
Unsanitized parameters:
- redirect_url
- step

Provided by TYPO3 Security Team

Security Team OTRS reference: 2009021910000015
(issue imported from #M10501)


Files

10501.diff (963 Bytes) 10501.diff Administrator Admin, 2009-02-20 10:01
12293_v2.diff (11.2 KB) 12293_v2.diff Administrator Admin, 2009-10-21 00:00
10501_trunk-v4.diff (2.12 KB) 10501_trunk-v4.diff Administrator Admin, 2009-10-22 09:23
#1

Updated by Marcus Krause almost 16 years ago

Patch made against trunk.

#2

Updated by Helmut Hummel about 15 years ago

Uploaded a new patch that incorporates the fixes from Marcus

#3

Updated by Michael Stucki about 15 years ago

+1 by reading 12293_v2.diff

#4

Updated by Ernesto Baschny about 15 years ago

The patch -v3 (in #21319) broke the 123 installer, as there is a step called "go" (which is not an integer).

Attached patch -v4 fixes this.
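The report names two request parameters that reached HTML output unsanitized, and comment #4 notes that a fix which simply cast `step` to an integer broke the 1-2-3 installer because one step is literally named "go". The following is an added example, not TYPO3's code and not the attached diffs: it shows an allow-list approach for both parameters (integer-or-"go" for `step`, same-site relative path for `redirect_url`) combined with output escaping. The function names, the `index.php` fallback, the default step of `1` and the PHP 8 feature set are assumptions.

```php
<?php
// Added example, not TYPO3 code: allow-listed handling of the two
// Install Tool parameters named in the report ("step", "redirect_url").
// The "go" step name comes from comment #4; function names, fallbacks
// and the PHP 8 requirement are assumptions.

declare(strict_types=1);

/**
 * Return a safe value for the "step" parameter: a small non-negative
 * integer or the literal step name "go". A plain (int) cast would turn
 * "go" into 0 and break that step, so it is matched explicitly.
 * Anything else falls back to $fallback (assumed first step).
 */
function sanitizeStep(mixed $raw, string $fallback = '1'): string
{
    if (!is_string($raw) && !is_int($raw)) {
        return $fallback;
    }
    $value = (string)$raw;
    if ($value === 'go') {
        return 'go';
    }
    if (preg_match('/^\d{1,3}$/', $value) === 1) {
        return (string)(int)$value;   // normalises "007" to "7"
    }
    return $fallback;
}

/**
 * Only accept a same-site relative path for "redirect_url". Rejects
 * absolute URLs (any scheme), protocol-relative "//host" forms,
 * backslash tricks, ".." segments and any whitespace/control byte
 * (which would also allow header injection in a Location: header).
 */
function sanitizeRedirectUrl(mixed $raw, string $fallback = 'index.php'): string
{
    if (!is_string($raw) || $raw === '') {
        return $fallback;
    }
    if (preg_match('/^[\x21-\x7e]+$/', $raw) !== 1) {          // printable ASCII only
        return $fallback;
    }
    if (preg_match('#^(?:[a-z][a-z0-9+.-]*:|//|\\\\)#i', $raw) === 1) { // scheme or //host
        return $fallback;
    }
    if (str_contains($raw, '..')) {
        return $fallback;
    }
    return $raw;
}

/** Escape a value before writing it into an HTML attribute or text node. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample inputs standing in for $_GET / $_POST values.
$samples = [
    ['step' => '3',           'redirect_url' => 'index.php?mode=123'],
    ['step' => 'go',          'redirect_url' => '//other-host.example/'],
    ['step' => '<b>x</b>',    'redirect_url' => 'http://other-host.example/'],
    ['step' => '007',         'redirect_url' => '../../config.php'],
];

foreach ($samples as $in) {
    $step = sanitizeStep($in['step']);
    $url  = sanitizeRedirectUrl($in['redirect_url']);
    // Validate on input AND escape on output; each layer covers the other's gaps.
    echo '<input type="hidden" name="step" value="' . h($step) . '">' . "\n";
    echo '<input type="hidden" name="redirect_url" value="' . h($url) . '">' . "\n";
}
```

Run with `php example.php`; the second and fourth samples show the two cases a defender cares about here: a legitimate non-integer step surviving validation, and an off-site or traversal redirect target being replaced by the fallback rather than echoed back.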

#5

Updated by Ernesto Baschny about 15 years ago

Committed to:
trunk (rev.6249 = beta2)
TYPO3_4-2 (rev.6250 = 4.2.10)
TYPO3_4-1 (rev.6251 = 4.1.11)
