CVE-2024-55921
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-55921 is a vulnerability affecting the backend user interface of the TYPO3 Content Management Framework. The issue lies in the deep link functionality, which is susceptible to Cross-Site Request Forgery (CSRF). A malicious URL can trick an authenticated backend user into interacting with the backend, triggering state-changing actions in downstream components. These components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. In the "Extension Manager Module", this allows an attacker to have third-party extensions installed from the TYPO3 Extension Repository, potentially leading to remote code execution. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, or 13.4.3 LTS to mitigate this risk. Additionally, it is recommended to keep the 'security.backend.enforceReferrer' feature enabled and the 'BE/cookieSameSite' configuration set to strict to prevent such attacks.
Affected Products
- TYPO3
Affected Vendors
- TYPO3