Bug #30753
closed
SQL Injection in Scheduler Task of Linkvalidator
Added by Oliver Hader about 13 years ago.
Updated almost 11 years ago.
Description
PoC:
- install linkvalidator system extension
- create new scheduler task
- enter anything in field "start page (uid)"
The tx_linkvalidator_tasks_ValidatorAdditionalFieldProvider executes a SQL query without casting the value to integer.
Severity: medium since only admin users can define new scheduler tasks
Affected: 4.5, 4.6
- Project changed from 1716 to TYPO3 Core
- Category deleted (OW-A01: Injection)
- Status changed from New to Under Review
- Assignee changed from Helmut Hummel to Oliver Hader
Patch set 1 of change I99f7ac32ed16ef3d2be9673ee2d0af72ed0c5b0c has been pushed to the review server.
It is available at http://review.typo3.org/5698
Patch set 1 of change Ic4e01420e87d5187e3181a5976b7f4132e898327 has been pushed to the review server.
It is available at http://review.typo3.org/5700
- Project changed from TYPO3 Core to 1510
- Assignee changed from Oliver Hader to Philipp Gampe
Patch set 1 of change Ic4e01420e87d5187e3181a5976b7f4132e898327 has been pushed to the review server.
It is available at http://review.typo3.org/5701
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset commit:4050d07e0ee4364909b8d6e76bbabd218a5bb399.
- Status changed from Resolved to Closed
- Category set to Linkvalidator
- Project changed from 1510 to TYPO3 Core
- Category changed from Linkvalidator to Linkvalidator
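
The missing integer cast named in the description, shown as an added example that is not TYPO3 or linkvalidator code: a field value concatenated into a query next to a version that accepts only a positive integer and binds it as a typed parameter. The `pages` rows, the function names and the use of PDO with in-memory SQLite are assumptions made for the illustration, and the hardened form goes one step beyond a plain cast by rejecting non-integer input instead of coercing it.

```php
<?php
// Added illustration; table contents and function names are constructed, not taken from TYPO3.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (uid INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO pages (uid, title) VALUES (1, 'Home'), (2, 'Internal'), (3, 'Archive')");

// Vulnerable pattern: the submitted field value becomes part of the SQL text.
function lookupPageUnsafe(PDO $db, string $startPage): array
{
    $sql = 'SELECT uid, title FROM pages WHERE uid = ' . $startPage;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate as a positive integer, then bind with an explicit integer type.
function lookupPageSafe(PDO $db, string $startPage): array
{
    $uid = filter_var($startPage, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($uid === false) {
        throw new InvalidArgumentException('start page (uid) must be a positive integer');
    }
    $stmt = $db->prepare('SELECT uid, title FROM pages WHERE uid = :uid');
    $stmt->bindValue(':uid', $uid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a valid uid and a value that is not an integer.
foreach (['2', '2 OR 1=1'] as $input) {
    printf("input %-12s unsafe rows: %d\n", "'$input'", count(lookupPageUnsafe($db, $input)));
    try {
        printf("input %-12s safe rows:   %d\n", "'$input'", count(lookupPageSafe($db, $input)));
    } catch (InvalidArgumentException $e) {
        printf("input %-12s rejected:    %s\n", "'$input'", $e->getMessage());
    }
}
```

A row count above one from the unsafe lookup for a single-uid field is the signal that the input altered the query rather than supplying a value to it.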