CVE-2024-55924
CVSS 3.1 Score 8.0 of 10 (high)
Details
Summary
CVE-2024-55924 is a vulnerability affecting the TYPO3 Content Management Framework. The issue lies in the backend user interface's susceptibility to Cross-Site Request Forgery (CSRF) attacks. Moreover, state-changing actions in a downstream component, the Scheduler Module, incorrectly accepted submissions via HTTP GET and failed to enforce the necessary HTTP method. Successfully exploiting this vulnerability requires the victim to have an active session on the backend user interface and to be tricked into clicking a malicious URL. The risk is heightened if certain settings, specifically `security.backend.enforceReferrer` and `BE/cookieSameSite`, are misconfigured. This weakness enables attackers to trigger command classes, potentially resulting in unauthorized import or export of data. Users are encouraged to update to TYPO3 version 11.5.42 ELTS to address this issue, as no known workarounds currently exist.
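As an added illustration of the bug class described above (this is not TYPO3's own code nor the fix shipped in 11.5.42 ELTS), the PHP below shows a state-changing scheduler-style "export" action in its vulnerable shape next to one that enforces POST, a per-session CSRF token and a SameSite session cookie; all function names and the session layout are assumptions.

```php
<?php
// Illustrative only, not TYPO3 code: a state-changing "export" action in its
// vulnerable shape and a hardened one. Names and session layout are assumed.

// SameSite session cookie: browsers omit it on cross-site requests, which
// blunts CSRF before any server-side check runs.
session_set_cookie_params(['samesite' => 'Strict', 'httponly' => true, 'secure' => true]);
session_start();

// One random CSRF secret per session, embedded in legitimate forms.
function csrfToken(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Vulnerable shape (the bug class in the advisory): runs for any HTTP method
// and trusts the session alone, so a link opened by a logged-in user fires it.
function handleExportVulnerable(array $query): string {
    if (($query['action'] ?? '') !== 'export') {
        return 'ignored';
    }
    return 'exported task ' . (int)($query['task'] ?? 0);
}

// Hardened shape: POST only, constant-time CSRF token check, and refusal of
// cross-site requests when the browser sends Sec-Fetch-Site.
function handleExportHardened(string $method, array $post, string $fetchSite): string {
    if ($method !== 'POST') {
        http_response_code(405);
        header('Allow: POST');
        return 'method not allowed';
    }
    $token = (string)($post['csrf_token'] ?? '');
    if ($token === '' || !hash_equals(csrfToken(), $token)) {
        http_response_code(403);
        return 'invalid CSRF token';
    }
    // Empty = browser that does not send the header; the token stays primary.
    if ($fetchSite !== '' && $fetchSite !== 'same-origin') {
        http_response_code(403);
        return 'cross-site request refused';
    }
    return 'exported task ' . (int)($post['task'] ?? 0);
}

echo handleExportHandled($_SERVER['REQUEST_METHOD'] ?? 'GET', $_POST,
    $_SERVER['HTTP_SEC_FETCH_SITE'] ?? '');
```

The vulnerable handler is kept only for contrast; in a real deployment only the hardened dispatch at the bottom would be wired up, alongside the `BE/cookieSameSite` and `security.backend.enforceReferrer` settings the advisory names.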
Affected Products
- TYPO3
Affected Vendors
- TYPO3