Vulnerabilities > CVE-2012-3530 - Unspecified vulnerability in Typo3

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

typo3

nessus

NVD

Published: 2012-09-05

Updated: 2017-08-29

Summary

Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain HTML5 JavaScript events. Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'

Vulnerable Configurations

Part	Description	Count
Application	Typo3 Typo3 Typo3 4.5 Typo3 Typo3 4.5.0 Typo3 Typo3 4.5.1 Typo3 Typo3 4.5.2 Typo3 Typo3 4.5.3 Typo3 Typo3 4.5.4 Typo3 Typo3 4.5.5 Typo3 Typo3 4.5.6 Typo3 Typo3 4.5.7 Typo3 Typo3 4.5.8 Typo3 Typo3 4.5.9 Typo3 Typo3 4.5.10 Typo3 Typo3 4.5.11 Typo3 Typo3 4.5.12 Typo3 Typo3 4.5.13 Typo3 Typo3 4.5.14 Typo3 Typo3 4.5.15 Typo3 Typo3 4.5.16 Typo3 Typo3 4.5.17 Typo3 Typo3 4.5.18 Typo3 Typo3 4.6 Typo3 Typo3 4.6.0 Typo3 Typo3 4.6.1 Typo3 Typo3 4.6.2 Typo3 Typo3 4.6.3 Typo3 Typo3 4.6.4 Typo3 Typo3 4.6.5 Typo3 Typo3 4.6.6 Typo3 Typo3 4.6.7 Typo3 Typo3 4.6.8 Typo3 Typo3 4.6.9 Typo3 Typo3 4.6.10 Typo3 Typo3 4.6.11 Typo3 Typo3 4.7 Typo3 Typo3 4.7.0 Typo3 Typo3 4.7.1 Typo3 Typo3 4.7.2 Typo3 Typo3 4.7.3	38

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-2537.NASL
description	Several vulnerabilities were discovered in TYPO3, a content management system. - CVE-2012-3527 An insecure call to unserialize in the help system enables arbitrary code execution by authenticated users. - CVE-2012-3528 The TYPO3 backend contains several cross-site scripting vulnerabilities. - CVE-2012-3529 Authenticated users who can access the configuration module can obtain the encryption key, allowing them to escalate their privileges. - CVE-2012-3530 The RemoveXSS HTML sanitizer did not remove several HTML5 JavaScript, thus failing to mitigate the impact of cross-site scripting vulnerabilities.
last seen	2020-03-17
modified	2012-08-31
plugin id	61735
published	2012-08-31
reporter	This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/61735
title	Debian DSA-2537-1 : typo3-src - several vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2537. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(61735); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-3527", "CVE-2012-3528", "CVE-2012-3529", "CVE-2012-3530", "CVE-2012-3531"); script_bugtraq_id(55052); script_xref(name:"DSA", value:"2537"); script_name(english:"Debian DSA-2537-1 : typo3-src - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities were discovered in TYPO3, a content management system. - CVE-2012-3527 An insecure call to unserialize in the help system enables arbitrary code execution by authenticated users. - CVE-2012-3528 The TYPO3 backend contains several cross-site scripting vulnerabilities. - CVE-2012-3529 Authenticated users who can access the configuration module can obtain the encryption key, allowing them to escalate their privileges. - CVE-2012-3530 The RemoveXSS HTML sanitizer did not remove several HTML5 JavaScript, thus failing to mitigate the impact of cross-site scripting vulnerabilities." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3527" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3528" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3529" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3530" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/typo3-src" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2012/dsa-2537" ); script_set_attribute( attribute:"solution", value: "Upgrade the typo3-src packages. For the stable distribution (squeeze), these problems have been fixed in version 4.3.9+dfsg1-1+squeeze5." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:typo3-src"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2012/08/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/31"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"typo3", reference:"4.3.9+dfsg1-1+squeeze5")) flag++; if (deb_check(release:"6.0", prefix:"typo3-database", reference:"4.3.9+dfsg1-1+squeeze5")) flag++; if (deb_check(release:"6.0", prefix:"typo3-src-4.3", reference:"4.3.9+dfsg1-1+squeeze5")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Seebug

bulletinFamily	exploit
description	CVE ID:CVE-2012-3530 TYPO3是一个免费开源的内容管理系统。 TYPO3 t3lib_div::quoteJSvalue API函数存在不完整黑名单漏洞，允许远程攻击者利用漏洞通过某些HTML5 JavaScript事件注入任意WEB脚本或者HTML，可获得敏感信息或劫持用户会话。 0 TYPO3 4.5.x TYPO3 4.6.x TYPO3 4.7.x 厂商解决方案用户可参考如下供应商提供的安全公告获得补丁信息： http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/
id	SSV:60376
last seen	2017-11-19
modified	2012-09-09
published	2012-09-09
reporter	Root
title	TYPO3 不完整黑名单跨站脚本漏洞(CVE-2012-3530)

Summary

Vulnerable Configurations

Nessus

Seebug

References