CVE-2012-1086
Description
Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) extension 0.1.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The UrlTool (aeurltool) extension 0.1.0 for TYPO3 contains a stored XSS vulnerability enabling arbitrary script injection via unspecified vectors.
Vulnerability
The UrlTool (aeurltool) extension for TYPO3, version 0.1.0, contains a cross-site scripting (XSS) vulnerability. The issue arises from insufficient input sanitization in the extension's handling of URL-related parameters, allowing injection of arbitrary web script or HTML via unspecified vectors. The affected version range is limited to 0.1.0, per the extension's release, and the vulnerability is present when the extension is active on a TYPO3 site [1].
Exploitation
An attacker can exploit this vulnerability by crafting a malicious request that includes HTML or JavaScript payloads in parameters processed by the UrlTool extension. Since the vectors are unspecified, exploitation likely occurs via user-supplied input that is reflected or stored without proper escaping. No authentication is required, and the attacker only needs network access to the TYPO3 site hosting the vulnerable extension [1].
Impact
Successful exploitation allows a remote attacker to inject arbitrary web script or HTML into the context of the affected TYPO3 site. This can lead to session hijacking, defacement, or redirection of users to malicious sites, compromising the confidentiality and integrity of the application and user data within the scope of the XSS attack [1].
Mitigation
The official TYPO3 Security Bulletin (TYPO3-EXT-SA-2012-001) recommends uninstalling or disabling the aeurltool extension. No patched version has been released; the vulnerable version 0.1.0 is the only one known. Since the extension is not part of the default TYPO3 installation, removal is the primary mitigation [1].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
Patches (0)
No patches discovered yet.
References (3)