[TYPO3-announce] TYPO3 Security Bulletin 20070801-1: Multiple vulnerabilities in extension ve_guestbook

Lars Houmark lars at typo3.org
Wed Aug 1 20:27:27 CEST 2007


Dear users of TYPO3,

It has been discovered that the extension ve_guestbook is vulnerable  
to SQL Injection attacks. Also, a Cross Site Scripting issue has been  
detected.

==== Component Type ====
Third party extension. This extension is not part of the TYPO3  
default installation.

==== Affected Versions ====
Version 1.9.3 and below

==== Vulnerability Type ====
SQL Injection, Cross Site Scripting

==== Severity ====
HIGH.
We have received indications that the flaw is already being
actively exploited.

==== Problem Description ====
Some versions of the extension are exposed to SQL injection because  
they fail to properly sanitize user-supplied input. Besides that,  
some versions are not preventing Cross Site Scripting attacks properly.

==== Solution ====
An updated version is available from the TYPO3 extension manager and at
http://typo3.org/extensions/repository/view/ve_guestbook/2.0.0/

==== General advice ====
Follow the recommendations that are given in the TYPO3 Security  
Cookbook [1].
Keep notice of the TYPO3 security bulletin page [2].

==== Annotation ====
The TYPO3 Security Team wishes to clarify that we have not yet
been able to get in touch with the author, nor to accomplish a formal
review of the extension. This advisory is being published nevertheless,
because we have received indications that the flaw is already being
actively exploited.

[1] http://typo3.org/fileadmin/security-team/ 
typo3_security_cookbook_v-0.5.pdf
[2] http://typo3.org/teams/security/security-bulletins/

Regards,

Lars Houmark
lars at typo3.org





More information about the TYPO3-announce mailing list