Bug #93335: XSS in access permission module - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #93335

closed

XSS in access permission module

Added by Oliver Hader about 3 years ago. Updated about 3 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Category:

Target version:

Start date:

2021-01-21

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

Steps¶

having be_groups.title containing XSS

Group<img src="x" onerror="alert(1)">

open System > Access module for a particular page
click on groupname element
change to group containing XSS in title (prerequisite) & save
click on groupname element again
change to different group
click on "x" icon in order to revert change

XSS is executed

Reasons¶

https://github.com/TYPO3/TYPO3.CMS/blob/master/Build/Sources/TypeScript/beuser/Resources/Public/TypeScript/Permissions.ts#L84

buttonSelector.innerHTML = groupnameHtml;

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Bug #93335

XSS in access permission module

Steps¶

Reasons¶

Updated by Oliver Hader about 3 years ago

Updated by Oliver Hader about 3 years ago

Updated by Oliver Hader about 3 years ago

Updated by Oliver Hader about 3 years ago

Updated by Andreas Kienast about 3 years ago

Updated by Andreas Kienast about 3 years ago

Updated by Gerrit Code Review about 3 years ago

Updated by Gerrit Code Review about 3 years ago

Updated by Gerrit Code Review about 3 years ago

Updated by Gerrit Code Review about 3 years ago

Updated by Andreas Fernandez about 3 years ago

Updated by Benni Mack about 3 years ago