CVE-2016-4056 - Stored Cross-Site Scripting in TYPO3 Bookmarks

1. Vulnerability Properties

Title: Stored Cross-Site Scripting in TYPO3 Bookmarks
CVE ID: CVE-2016-4056
CVSSv3 Base Score: 4.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)
Vendor: TYPO3
Products: TYPO3 Core (6.2.x)
Advisory Release Date: 24 February 2016
Advisory URL:
Credits: Discovery by Filipe Reis <fr[at]>

2. Vulnerability Summary

TYPO3 core is vulnerable to stored cross-site scripting when a bookmark is created.

3. Technical Details

This stored XSS is triggered when a new bookmark is created.

To replicate the issue, go to any page and click "Create a bookmark to this page", then click OK.

Intercept the POST request sent to the server and replace the value of the "module" parameter with the payload.

[Figure: server response to the modified request]

After the page redirects, the stored XSS is present in the bookmark.
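As an added illustration, not TYPO3's own code, the vulnerable pattern described above is shown beside a hardened version: the stored "module" value is checked against an allowlist of registered backend module identifiers before it is saved, and every stored field is HTML-encoded when the bookmark list is rendered. The module names and the bookmark record layout are constructed for this example.

```php
<?php
declare(strict_types=1);

// Constructed for this example: an allowlist of backend module identifiers
// and a bookmark record as it might arrive from the "Create a bookmark" POST.
const KNOWN_MODULES = ['web_layout', 'web_list', 'file_FilelistList', 'user_setup'];

/**
 * Vulnerable pattern: the stored "module" value is concatenated into markup
 * unencoded, so a payload saved in it runs on every later render of the list.
 */
function renderBookmarkUnsafe(array $bookmark): string
{
    return '<li data-module="' . $bookmark['module'] . '">'
        . $bookmark['label'] . '</li>';
}

/**
 * Hardened, step 1: at save time, accept only a module identifier that is
 * actually registered. A tampered value is rejected before it is stored.
 */
function validateModule(string $module): string
{
    if (!in_array($module, KNOWN_MODULES, true)) {
        throw new InvalidArgumentException('Unknown backend module: ' . $module);
    }
    return $module;
}

/**
 * Hardened, step 2: encode every stored field on output regardless, so a
 * record that reached the database by another path still renders as text.
 */
function renderBookmarkSafe(array $bookmark): string
{
    $enc = static fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<li data-module="' . $enc($bookmark['module']) . '">'
        . $enc($bookmark['label']) . '</li>';
}

// Constructed sample: a "module" value that is really a script payload.
$tampered = ['module' => '"><script>alert(1)</script>', 'label' => 'Page 42'];

echo renderBookmarkUnsafe($tampered), "\n"; // script element reaches the browser intact
echo renderBookmarkSafe($tampered), "\n";   // quotes and angle brackets become entities

try {
    validateModule($tampered['module']);
} catch (InvalidArgumentException $e) {
    echo 'Rejected at save time: ', $e->getMessage(), "\n";
}
```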


4. Vulnerable Versions

  • TYPO3 6.2.x

5. Solution

  • Update to TYPO3 6.2.19 or later.

6. Vulnerability Timeline

  • February 15, 2016 — Bug reported to TYPO3
  • February 15, 2016 — TYPO3 team acknowledges the vulnerability
  • February 23, 2016 — TYPO3 team releases a new version
  • February 24, 2016 — Public disclosure

7. References

