CVE-2021-41114: Improper Input Validation

October 5, 2021 (updated October 9, 2021)

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header.

References

nvd.nist.gov/vuln/detail/CVE-2021-41114
typo3.org/security/advisory/typo3-core-sa-2021-015

Code Behaviors & Features

Detect and mitigate CVE-2021-41114 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →