CVE-2019-19850 — SQL Injection in Typo3

CWE-89 — SQL Injection4 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.3%

top 48.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Typo3 Typo3 CMS Typo3 Cms-core

Timeline

PublishedDec 17

Latest updateMay 24

Description

An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages3 packages

▶Packagisttypo3/cms8.0 — 8.7.30+2

▶NVDtypo3/typo38.0.0 — 8.7.30+2

▶Packagisttypo3/cms-core8.0 — 8.7.30+2

🔴Vulnerability Details

OSV

TYPO3 SQL Injection in low-level Query Generator↗2022-05-24

▶

GHSA

TYPO3 SQL Injection in low-level Query Generator↗2022-05-24

▶

CVEList

CVE-2019-19850: An issue was discovered in TYPO3 before 8↗2019-12-17

▶