GHSA-67j3-jmm3-32xcMedium
TYPO3 ke_search path traversal from arbitrary table configuration input
🔗 CVE IDs covered (1)
📋 Description
In TYPO3 faceted fulltext search (ke_search), theadditional_tables configuration of the page and tt_content indexers accept arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index. This has been patched in versions 7.0.1, 6.6.1, 5.6.2 and 4.6.7.
🎯 Affected products4
- composer/tpwd/ke_search:>= 7.0.0, < 7.0.1
- composer/tpwd/ke_search:>= 6.0.0, < 6.6.1
- composer/tpwd/ke_search:>= 5.0.0, < 5.6.2
- composer/tpwd/ke_search:< 4.6.7