Vulnerability Description
The url_redirect (aka URL redirect) extension through 1.2.1 for TYPO3 fails to properly sanitize user input and is susceptible to SQL Injection.
CVSS Score
7.3 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Url Redirect Project | Url Redirect | <= 1.2.1 |
Related Weaknesses (CWE)
References
- https://extensions.typo3.org/extension/url_redirect/ (Third Party Advisory)
- https://typo3.org/security/advisory/typo3-ext-sa-2019-015/ (Third Party Advisory)
FAQ
What is CVE-2019-16682?
CVE-2019-16682 is a vulnerability with a CVSS score of 7.3 (HIGH). The url_redirect (aka URL redirect) extension through 1.2.1 for TYPO3 fails to properly sanitize user input and is susceptible to SQL Injection.
How severe is CVE-2019-16682?
CVE-2019-16682 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2019-16682?
Check the references section above for vendor advisories and patch information. Affected products include: Url Redirect Project Url Redirect.