Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
Upgrade causal/oidc to version 2.1.0 or higher.
Affected versions of this package are vulnerable to Improper Access Control due to improper verification of the OpenID Connect authentication state in the user lookup chain. Specifically, the authentication service treats any valid frontend user returned by the user lookup chain as authenticated whenever that user's tx_oidc frontend user field is not empty, without verifying that the current request actually completed an OpenID Connect login.
Note: This flaw is exploitable when either ext:felogin is active or $GLOBALS['TYPO3_CONF_VARS']['FE']['checkFeUserPid'] is disabled, allowing an attacker to log in to OpenID Connect frontend user accounts by providing a valid username and any password.
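To make the decision flaw concrete, here is an added Python model of the authentication check described above; it is not causal/oidc's or TYPO3's own code, and the record/state types, function names and the meaning of the stored subject value are assumptions made for illustration.

```python
# Added example (not causal/oidc's or TYPO3's own code): a simplified model of the
# authentication decision. Types and names are assumptions for illustration.
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class FrontendUser:
    username: str
    tx_oidc: str  # assumed: OIDC subject bound to this frontend user record


@dataclass
class OidcAuthState:
    # Assumed: what a completed OpenID Connect flow establishes for the current
    # request, i.e. the subject claim taken from a verified ID token.
    subject: str
    verified: bool


def authenticate_vulnerable(user: Optional[FrontendUser],
                            state: Optional[OidcAuthState]) -> bool:
    """Flawed decision: any user returned by the lookup chain with a non-empty
    tx_oidc field is accepted. The OIDC state of the request is never consulted,
    so a valid username with an arbitrary password succeeds."""
    return user is not None and user.tx_oidc != ""


def authenticate_fixed(user: Optional[FrontendUser],
                       state: Optional[OidcAuthState]) -> bool:
    """Hardened decision: accept only when the current request carries a
    completed, verified OIDC authentication whose subject matches the
    subject bound to the user record."""
    if user is None or user.tx_oidc == "":
        return False
    if state is None or not state.verified:
        return False
    # Constant-time comparison of the identifiers.
    return hmac.compare_digest(state.subject, user.tx_oidc)


# Constructed sample data for a stand-alone run.
SAMPLE_USER = FrontendUser(username="alice", tx_oidc="sub-1234")
VERIFIED_STATE = OidcAuthState(subject="sub-1234", verified=True)

if __name__ == "__main__":
    # No OIDC state at all (plain username/password form login).
    print("vulnerable, no OIDC state:", authenticate_vulnerable(SAMPLE_USER, None))
    print("fixed, no OIDC state:     ", authenticate_fixed(SAMPLE_USER, None))
    print("fixed, verified state:    ", authenticate_fixed(SAMPLE_USER, VERIFIED_STATE))
```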