VYPR
Moderate severity · NVD Advisory · Published Nov 1, 2019 · Updated Aug 7, 2024

CVE-2010-3660


Description

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

TYPO3 backend is vulnerable to cross-site scripting (XSS) due to insufficient input sanitization, requiring a valid backend login to exploit.

Vulnerability

Overview

CVE-2010-3660 describes a cross-site scripting (XSS) vulnerability in the TYPO3 backend. The issue arises from the failure to properly sanitize user input in several backend components, allowing an attacker to inject arbitrary HTML or JavaScript code. This vulnerability affects TYPO3 versions before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 [1][2].

Exploitation

Conditions

Exploitation of this XSS flaw requires a valid backend login, meaning the attacker must have authenticated access to the TYPO3 backend. The attack vector is network-based with low complexity, and no special privileges beyond a standard backend user account are needed [1]. The vulnerability is present in multiple backend forms and interfaces that reflect user input without proper escaping.

Impact

A successful XSS attack can allow an authenticated attacker to execute arbitrary scripts in the context of the backend session. This could lead to session hijacking, data theft, or further compromise of the TYPO3 instance by performing actions on behalf of the victim user [1]. The severity is rated as Medium by the TYPO3 security team, with a CVSS v2.0 score of 4.3 (AV:N/AC:L/Au:N/C:N/I:P/A:N) [1].

Mitigation

The TYPO3 project released patched versions (4.1.14, 4.2.13, 4.3.4, and 4.4.1) on July 28, 2010, which fix the XSS issues by improving input sanitization in the backend [1]. Debian also addressed this vulnerability in its security advisory DSA-2098-1 [4]. Users are strongly advised to upgrade to the latest patched version or apply the relevant security updates.
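The narrative above names the root cause only in general terms: backend forms reflected request parameters into the HTML response without escaping, and the fix was to encode that output. The following PHP snippet is an added illustration written for this page, not TYPO3's own code and not the actual patched component; the function names, the search-box form and the sample input are all constructed. It places the unescaped pattern beside the hardened one and checks that the encoded value can no longer break out of its attribute.

```php
<?php
// Added illustrative example (not TYPO3 code). Shows the "reflect input
// without escaping" pattern behind a backend XSS and its hardened form.
// Function names and the form markup are hypothetical.

// Vulnerable pattern: a backend form echoes a request parameter straight
// back into the HTML response. Any markup in $value becomes live DOM.
function renderSearchBoxVulnerable(string $value): string
{
    return '<input type="text" name="search" value="' . $value . '">';
}

// Hardened pattern: encode the value for the HTML attribute context before
// emitting it. ENT_QUOTES encodes both quote styles, so the value cannot
// terminate the surrounding attribute; the charset is stated explicitly.
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function renderSearchBoxHardened(string $value): string
{
    return '<input type="text" name="search" value="' . escapeHtml($value) . '">';
}

// Constructed sample input: a submitted search term that carries markup and
// a quote character, the kind of value a reflecting form would echo back.
$sample = '"><b>injected</b><input value="';

echo "Unescaped:\n", renderSearchBoxVulnerable($sample), PHP_EOL;
echo "Escaped:\n", renderSearchBoxHardened($sample), PHP_EOL;

// Self-check: strip the fixed prefix and suffix of the hardened markup and
// confirm that no raw quote or angle bracket survives inside the attribute.
$prefix = '<input type="text" name="search" value="';
$suffix = '">';
$hardened = renderSearchBoxHardened($sample);
$inner = substr($hardened, strlen($prefix), -strlen($suffix));
if (strpbrk($inner, '<>"') !== false) {
    throw new RuntimeException('output encoding failed: unsafe characters remain');
}
echo "Hardened output keeps the submitted value inside the attribute.\n";
```

Run it with the PHP CLI. In the unescaped rendering the leading `">` of the sample closes the `value` attribute early, so the `<b>` and the second `<input>` become real elements in the page; in the escaped rendering the same characters arrive as `&quot;`, `&gt;` and `&lt;` and remain inert attribute text. The same context-aware encoding is what a patched backend form has to apply at every point where a request value is written back into the response.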

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package             Ecosystem   Affected versions     Patched versions
typo3/cms-backend   Packagist   < 4.1.14              4.1.14
typo3/cms-backend   Packagist   >= 4.2.0, < 4.2.13    4.2.13
typo3/cms-backend   Packagist   >= 4.3.0, < 4.3.4     4.3.4
typo3/cms-backend   Packagist   >= 4.4.0, < 4.4.1     4.4.1

Affected products: 2

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 5

News mentions: 0 (no linked articles in the index yet)