Base Score

HIGH7.2

CVE-2019-19850

An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges.

VectorNETWORK

Published Bycve@mitre.org

Published DateDec 17, 2019, 17:15

Affected Versions(6)

typo3/cms(Packagist)

Introduced8.0

Fixed8.7.30

LimitN/A

typo3/cms(Packagist)

Introduced9.0

Fixed9.5.12

LimitN/A

typo3/cms(Packagist)

Introduced10.0

Fixed10.2.2

LimitN/A

typo3/cms-core(Packagist)

Introduced8.0

Fixed8.7.30

LimitN/A

typo3/cms-core(Packagist)

Introduced9.0

Fixed9.5.12

LimitN/A

typo3/cms-core(Packagist)

Introduced10.0

Fixed10.2.2

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
typo3/cms(Packagist)	8.0	8.7.30	N/A
typo3/cms(Packagist)	9.0	9.5.12	N/A
typo3/cms(Packagist)	10.0	10.2.2	N/A
typo3/cms-core(Packagist)	8.0	8.7.30	N/A
typo3/cms-core(Packagist)	9.0	9.5.12	N/A
typo3/cms-core(Packagist)	10.0	10.2.2	N/A

Weakness Type (CWE):CWE-89

CVSS Metrics

Base Score

7.2

Vector String

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

Base Score

HIGH7.2

Weakness Type (CWE):CWE-89

CVSS Metrics

Base Score

7.2

Vector String

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH