以下是关于该漏洞的关键信息: Component Type: TYPO3 CMS Subcomponent: Page Error Handling (ext:core, ext:frontend) Release Date: September 13, 2022 Vulnerability Type: Denial of Service Affected Versions: 11.4.0-11.5.15 Severity: Medium Suggested CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C References: CVE-2022-36104, CWE-405, CWE-674 Problem Description Requesting invalid or non-existing resources via HTTP triggers the page error handler which could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. Solution Update to TYPO3 version 11.5.16 that fixes the problem described above.