Now intercept the POST request that is sent to the server and change the "module" parameter to your payload.
The response of this request will be the following:
The page will then redirect, and the stored XSS will be in place.
4. Vulnerable Versions
- Update to TYPO3 6.2.19 or the latest version.
6. Vulnerability Timeline
- February 15, 2016 — Bug reported to TYPO3
- February 15, 2016 — TYPO3 team acknowledges the vulnerability
- February 23, 2016 — TYPO3 team releases a new version
- February 24, 2016 — Public disclosure