Description
An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 lets administrator‑level backend users trigger a denial‑of‑service condition in the backend user interface by saving manipulated data in the bookmark toolbar.
Remediation
References
Related Vulnerabilities
WordPress Plugin Photocart Link Local File Inclusion (1.6)
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)
silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5088)
WordPress Plugin CoolClock-a Javascript Analog Clock Cross-Site Scripting (4.3.4)
Squid Incorrect Conversion between Numeric Types Vulnerability (CVE-2023-46848)