SQL injection vulnerability in Typo3 CMS
A system extension of the Typo3 content-management system can be exploited in order to get authorized access to the database. This would allow an attacker to read or even manipulate data. According to the security advisory, the cause of the problem is an SQL injection bug in indexed_search, which is not described in detail. The extension is part of a standard installation.
Allegedly, the vulnerability can only be exploited if the attacker is logged in to the Typo3 back end - but he need not possess any admin rights. Typo3 3.x, 4.0 to 4.0.7 and 4.1 up to and including 4.1.3 are affected. In versions 4.1.4 and 4.0.8, the hole has been closed.
- SQL Injection in system extension indexed_search, failure report from Typo3
(mba)