Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for those links via unknown vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 frontend rendering组件后置链接漏洞
Vulnerability Description
TYPO3是瑞士TYPO3协会维护的一套免费开源的内容管理系统(框架)(CMS/CMF)。frontend rendering是其中的一个前端渲染组件。 TYPO3的frontend rendering组件中存在安全漏洞。当程序设置config.prefixLocalAnchors并使用特制的主页时,远程攻击者可利用该漏洞将页面里的链接改为指向任意域名的URL。以下版本受到影响:TYPO3 4.5.39之前4.5.x版本,4.6.x版本至6.2.9之前6.2.x版本,7.0.2之前7.x版本。
CVSS Information
N/A
Vulnerability Type
N/A