CERTFR-2026-AVI-0037
Vulnerability from certfr_avis - Published: 2026-01-14 - Updated: 2026-01-14
De multiples vulnérabilités ont été découvertes dans Typo3. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description |
|---|---|---|
| Typo3 | Typo3 | typo3/cms-backend versions antérieures à 14.0.2 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions antérieures à 12.4.41 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions antérieures à 13.4.23 pour composer |
| Typo3 | Typo3 | typo3/cms-recycler versions antérieures à 10.4.55 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions antérieures à 13.4.23 pour composer |
| Typo3 | Typo3 | typo3/cms-redirects versions antérieures à 12.4.41 pour composer |
| Typo3 | Typo3 | typo3/cms-recycler versions antérieures à 11.5.49 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions antérieures à 11.5.49 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions antérieures à 11.5.49 pour composer |
| Typo3 | Typo3 | typo3/cms-recycler versions antérieures à 14.0.2 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions antérieures à 10.4.55 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions antérieures à 12.4.41 pour composer |
| Typo3 | Typo3 | typo3/cms-redirects versions antérieures à 10.4.55 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions antérieures à 14.0.2 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions antérieures à 10.4.55 pour composer |
| Typo3 | Typo3 | typo3/cms-recycler versions antérieures à 13.4.23 pour composer |
| Typo3 | Typo3 | typo3/cms-redirects versions antérieures à 13.4.23 pour composer |
| Typo3 | Typo3 | typo3/cms-redirects versions antérieures à 14.0.2 pour composer |
| Typo3 | Typo3 | typo3/cms-redirects versions antérieures à 11.5.49 pour composer |
| Typo3 | Typo3 | typo3/cms-recycler versions antérieures à 12.4.41 pour composer |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "typo3/cms-backend versions ant\u00e9rieures \u00e0 14.0.2 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions ant\u00e9rieures \u00e0 12.4.41 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions ant\u00e9rieures \u00e0 13.4.23 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-recycler versions ant\u00e9rieures \u00e0 10.4.55 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions ant\u00e9rieures \u00e0 13.4.23 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-redirects versions ant\u00e9rieures \u00e0 12.4.41 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-recycler versions ant\u00e9rieures \u00e0 11.5.49 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions ant\u00e9rieures \u00e0 11.5.49 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions ant\u00e9rieures \u00e0 11.5.49 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-recycler versions ant\u00e9rieures \u00e0 14.0.2 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions ant\u00e9rieures \u00e0 10.4.55 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions ant\u00e9rieures \u00e0 12.4.41 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-redirects versions ant\u00e9rieures \u00e0 10.4.55 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions ant\u00e9rieures \u00e0 14.0.2 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions ant\u00e9rieures \u00e0 10.4.55 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-recycler versions ant\u00e9rieures \u00e0 13.4.23 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-redirects versions ant\u00e9rieures \u00e0 13.4.23 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-redirects versions ant\u00e9rieures \u00e0 14.0.2 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-redirects versions ant\u00e9rieures \u00e0 11.5.49 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-recycler versions ant\u00e9rieures \u00e0 12.4.41 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-0859",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0859"
},
{
"name": "CVE-2025-59020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59020"
},
{
"name": "CVE-2025-59022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59022"
},
{
"name": "CVE-2025-59021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59021"
}
],
"initial_release_date": "2026-01-14T00:00:00",
"last_revision_date": "2026-01-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0037",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Typo3. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Typo3",
"vendor_advisories": [
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-5j7q-wmh7-cqhg",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-5j7q-wmh7-cqhg"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-p52w-7rhw-9m67",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p52w-7rhw-9m67"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-6c46-p6j5-3f49",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6c46-p6j5-3f49"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-7vp9-x248-9vr9",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7vp9-x248-9vr9"
}
]
}
CERTFR-2025-AVI-0429
Vulnerability from certfr_avis - Published: 2025-05-20 - Updated: 2025-05-20
De multiples vulnérabilités ont été découvertes dans les produits Typo3. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description |
|---|---|---|
| Typo3 | Typo3 | typo3/cms-setup versions 10.4.x antérieures à 10.4.50 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions 12.4.x antérieures à 12.4.31 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 13.4.x antérieures à 13.4.12 pour composer |
| Typo3 | Typo3 | typo3/cms-setup versions 11.5.x antérieures à 11.5.44 pour composer |
| Typo3 | Typo3 | typo3/cms-webhooks versions 12.4.x antérieures à 12.4.31 pour composer |
| Typo3 | Typo3 | typo3/cms-webhooks versions 13.4.x antérieures à 13.4.12 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 10.4.x antérieures à 10.4.50 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 9.5.x antérieures à 9.5.51 pour composer |
| Typo3 | Typo3 | typo3/cms-setup versions 9.5.x antérieures à 9.5.51 pour composer |
| Typo3 | Typo3 | typo3/cms-backend versions 13.4.x antérieures à 13.4.12 pour composer |
| Typo3 | Typo3 | typo3/cms-setup versions 13.4.x antérieures à 13.4.12 pour composer |
| Typo3 | Typo3 | typo3/cms-setup versions 12.4.x antérieures à 12.4.31 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 12.4.x antérieures à 12.4.31 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 11.5.x antérieures à 11.5.44 pour composer |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "typo3/cms-setup versions 10.4.x ant\u00e9rieures \u00e0 10.4.50 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions 12.4.x ant\u00e9rieures \u00e0 12.4.31 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 13.4.x ant\u00e9rieures \u00e0 13.4.12 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-setup versions 11.5.x ant\u00e9rieures \u00e0 11.5.44 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-webhooks versions 12.4.x ant\u00e9rieures \u00e0 12.4.31 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-webhooks versions 13.4.x ant\u00e9rieures \u00e0 13.4.12 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 10.4.x ant\u00e9rieures \u00e0 10.4.50 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 9.5.x ant\u00e9rieures \u00e0 9.5.51 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-setup versions 9.5.x ant\u00e9rieures \u00e0 9.5.51 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-backend versions 13.4.x ant\u00e9rieures \u00e0 13.4.12 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-setup versions 13.4.x ant\u00e9rieures \u00e0 13.4.12 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-setup versions 12.4.x ant\u00e9rieures \u00e0 12.4.31 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 12.4.x ant\u00e9rieures \u00e0 12.4.31 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 11.5.x ant\u00e9rieures \u00e0 11.5.44 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-47940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47940"
},
{
"name": "CVE-2025-47938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47938"
},
{
"name": "CVE-2025-47936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47936"
},
{
"name": "CVE-2025-47939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47939"
},
{
"name": "CVE-2025-47941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47941"
},
{
"name": "CVE-2025-47937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47937"
}
],
"initial_release_date": "2025-05-20T00:00:00",
"last_revision_date": "2025-05-20T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0429",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Typo3. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Typo3",
"vendor_advisories": [
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-x8pv-fgxp-8v3x",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-x8pv-fgxp-8v3x"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-744g-7qm9-hjh9",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-744g-7qm9-hjh9"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-9hq9-cr36-4wpj",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-p4xx-m758-3hpx",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p4xx-m758-3hpx"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-3jrg-97f3-rqh9",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-6frx-j292-c844",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844"
}
]
}
CERTFR-2025-AVI-0028
Vulnerability from certfr_avis - Published: 2025-01-14 - Updated: 2025-01-14
De multiples vulnérabilités ont été découvertes dans les produits Typo3. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de requêtes illégitimes par rebond (CSRF) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description |
|---|---|---|
| Typo3 | Typo3 | typo3/cms-core versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-beuser versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-extensionmanager versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-beuser versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-belog versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-form versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-extensionmanager versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-dashboard versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-extensionmanager versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-form versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-indexed-search versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-belog versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-beuser versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 9.x antérieures à 9.5.49 pour composer |
| Typo3 | Typo3 | typo3/cms-dashboard versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-form versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-dashboard versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-dashboard versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-extensionmanager versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-scheduler versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-beuser versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-install versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-indexed-search versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-belog versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-form versions 13.x antérieures à 13.4.3 pour composer |
| Typo3 | Typo3 | typo3/cms-lowlevel versions 11.x antérieures à 11.5.42 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-indexed-search versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-belog versions 12.x antérieures à 12.4.25 pour composer |
| Typo3 | Typo3 | typo3/cms-core versions 10.x antérieures à 10.4.48 pour composer |
| Typo3 | Typo3 | typo3/cms-indexed-search versions 11.x antérieures à 11.5.42 pour composer |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "typo3/cms-core versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-beuser versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-extensionmanager versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-beuser versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-belog versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-form versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-extensionmanager versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-dashboard versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-extensionmanager versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-form versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-indexed-search versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-belog versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-beuser versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 9.x ant\u00e9rieures \u00e0 9.5.49 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-dashboard versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-form versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-dashboard versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-dashboard versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-extensionmanager versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-scheduler versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-beuser versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-install versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-indexed-search versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-belog versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-form versions 13.x ant\u00e9rieures \u00e0 13.4.3 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-lowlevel versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-indexed-search versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-belog versions 12.x ant\u00e9rieures \u00e0 12.4.25 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-core versions 10.x ant\u00e9rieures \u00e0 10.4.48 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "typo3/cms-indexed-search versions 11.x ant\u00e9rieures \u00e0 11.5.42 pour composer",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-55923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55923"
},
{
"name": "CVE-2024-55945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55945"
},
{
"name": "CVE-2024-55893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55893"
},
{
"name": "CVE-2024-55921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55921"
},
{
"name": "CVE-2024-55924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55924"
},
{
"name": "CVE-2024-55891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55891"
},
{
"name": "CVE-2024-55892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55892"
},
{
"name": "CVE-2024-55894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55894"
},
{
"name": "CVE-2024-55920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55920"
},
{
"name": "CVE-2024-55922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55922"
}
],
"initial_release_date": "2025-01-14T00:00:00",
"last_revision_date": "2025-01-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0028",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Typo3. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Typo3",
"vendor_advisories": [
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-7835-fcv3-g256",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7835-fcv3-g256"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-cjfr-9f5r-3q93",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-cjfr-9f5r-3q93"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-38x7-cc6w-j27q",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38x7-cc6w-j27q"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-7r5q-4qgx-v545",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7r5q-4qgx-v545"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-ww7h-g2qf-7xv6",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-ww7h-g2qf-7xv6"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-4g52-pq8j-6qv5",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-4g52-pq8j-6qv5"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-6w4x-gcx3-8p7v",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6w4x-gcx3-8p7v"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-2fx5-pggv-6jjr",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-2fx5-pggv-6jjr"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-8mv3-37rc-pvxj",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mv3-37rc-pvxj"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-qwx7-39pw-2mhr",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-qwx7-39pw-2mhr"
}
]
}
CERTFR-2024-AVI-0843
Vulnerability from certfr_avis - Published: 2024-10-08 - Updated: 2024-10-08
De multiples vulnérabilités ont été découvertes dans Typo3. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Typo3 versions ant\u00e9rieures \u00e0 10.4.46 ELTS",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 11.x ant\u00e9rieures \u00e0 11.5.40 LTS",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 13.x ant\u00e9rieures \u00e0 13.3.1",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 12.x ant\u00e9rieures \u00e0 12.4.21 LTS",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-34537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34537"
},
{
"name": "CVE-2024-47780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47780"
}
],
"initial_release_date": "2024-10-08T00:00:00",
"last_revision_date": "2024-10-08T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0843",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Typo3. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Typo3",
"vendor_advisories": [
{
"published_at": "2024-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-rf5m-h8q9-9w6q",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rf5m-h8q9-9w6q"
},
{
"published_at": "2024-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-ffcv-v6pw-qhrp",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-ffcv-v6pw-qhrp"
}
]
}
CERTFR-2024-AVI-0394
Vulnerability from certfr_avis - Published: 2024-05-14 - Updated: 2024-05-14
De multiples vulnérabilités ont été découvertes dans Typo3. Elles permettent à un attaquant de provoquer un déni de service à distance, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Typo3 versions 9.x ant\u00e9rieures \u00e0 9.5.48",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 13.x ant\u00e9rieures \u00e0 13.1.1",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 10.x ant\u00e9rieures \u00e0 10.4.45",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 12.x ant\u00e9rieures \u00e0 12.4.15",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
},
{
"description": "Typo3 versions 11.x ant\u00e9rieures \u00e0 11.5.37",
"product": {
"name": "Typo3",
"vendor": {
"name": "Typo3",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-34355",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34355"
},
{
"name": "CVE-2024-34356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34356"
},
{
"name": "CVE-2024-34358",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34358"
},
{
"name": "CVE-2024-34357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34357"
}
],
"initial_release_date": "2024-05-14T00:00:00",
"last_revision_date": "2024-05-14T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0394",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Typo3. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune injection de code indirecte \u00e0 distance (XSS) et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Typo3",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-hw6c-6gwq-3m3m du 14 mai 2024",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-36g8-62qv-5957 du 14 mai 2024",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-v6mw-h7w6-59w3 du 14 mai 2024",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Typo3 GHSA-xjwx-78x7-q6jc du 14 mai 2024",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc"
}
]
}
CVE-2025-47941 (GCVE-0-2025-47941)
Vulnerability from cvelistv5 – Published: 2025-05-20 14:07 – Updated: 2025-05-20 14:34 – CWE-288 - Authentication Bypass Using an Alternate Path or Channel
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T14:31:58.633365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:34:13.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.12 LTS, the multifactor authentication (MFA) dialog presented during backend login can be bypassed due to insufficient enforcement of access restrictions on all backend routes. Successful exploitation requires valid backend user credentials, as MFA can only be bypassed after successful authentication. Users should update to TYPO3 version 12.4.31 LTS or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:07:33.017Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-744g-7qm9-hjh9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-744g-7qm9-hjh9"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-015",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-015"
}
],
"source": {
"advisory": "GHSA-744g-7qm9-hjh9",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Has Broken Authentication in Backend MFA"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47941",
"datePublished": "2025-05-20T14:07:33.017Z",
"dateReserved": "2025-05-14T10:32:43.530Z",
"dateUpdated": "2025-05-20T14:34:13.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47940 (GCVE-0-2025-47940)
Vulnerability from cvelistv5 – Published: 2025-05-20 14:06 – Updated: 2025-05-20 14:35 – CWE-283 - Unverified Ownership
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47940",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T14:35:19.788540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:35:41.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.50"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.44"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-283",
"description": "CWE-283: Unverified Ownership",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:06:07.374Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-016",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-016"
}
],
"source": {
"advisory": "GHSA-6frx-j292-c844",
"discovery": "UNKNOWN"
},
"title": "TYPO3 CMS Vulnerable to Privilege Escalation to System Maintainer"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47940",
"datePublished": "2025-05-20T14:06:07.374Z",
"dateReserved": "2025-05-14T10:32:43.530Z",
"dateUpdated": "2025-05-20T14:35:41.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47939 (GCVE-0-2025-47939)
Vulnerability from cvelistv5 – Published: 2025-05-20 14:00 – Updated: 2025-05-20 14:08
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T14:08:07.393730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:08:13.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.50"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.44"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. By design, the file management module in TYPO3\u2019s backend user interface has historically allowed the upload of any file type, with the exception of those that are directly executable in a web server context. This lack of restriction means it is possible to upload files that may be considered potentially harmful, such as executable binaries (e.g., `.exe` files), or files with inconsistent file extensions and MIME types (for example, a file incorrectly named with a `.png` extension but actually carrying the MIME type `application/zip`) starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS. Although such files are not directly executable through the web server, their presence can introduce indirect risks. For example, third-party services such as antivirus scanners or malware detection systems might flag or block access to the website for end users if suspicious files are found. This could negatively affect the availability or reputation of the site. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-351",
"description": "CWE-351: Insufficient Type Distinction",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:00:07.977Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-014",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-014"
}
],
"source": {
"advisory": "GHSA-9hq9-cr36-4wpj",
"discovery": "UNKNOWN"
},
"title": "TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47939",
"datePublished": "2025-05-20T14:00:07.977Z",
"dateReserved": "2025-05-14T10:32:43.530Z",
"dateUpdated": "2025-05-20T14:08:13.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47938 (GCVE-0-2025-47938)
Vulnerability from cvelistv5 – Published: 2025-05-20 13:49 – Updated: 2025-05-20 14:22 – CWE-620 - Unverified Password Change
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47938",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T13:56:18.947568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:22:22.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.50"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.44"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, the backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized access in scenarios where an admin session is hijacked or left unattended, as it enables password changes without additional authentication. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620: Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:58:47.429Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-013",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-013"
}
],
"source": {
"advisory": "GHSA-3jrg-97f3-rqh9",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Vulnerable to Unverified Password Change for Backend Users"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47938",
"datePublished": "2025-05-20T13:49:39.070Z",
"dateReserved": "2025-05-14T10:32:43.529Z",
"dateUpdated": "2025-05-20T14:22:22.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47937 (GCVE-0-2025-47937)
Vulnerability from cvelistv5 – Published: 2025-05-20 13:47 – Updated: 2025-05-20 14:23 – CWE-863 - Incorrect Authorization
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T13:57:34.105162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:23:17.865Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.50"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.44"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer (DBAL), frontend user permissions are only applied via `FrontendGroupRestriction` to the first table. As a result, data from additional tables included in the same query may be unintentionally exposed to unauthorized users. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:59:02.082Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-x8pv-fgxp-8v3x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-x8pv-fgxp-8v3x"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-011",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-011"
}
],
"source": {
"advisory": "GHSA-x8pv-fgxp-8v3x",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47937",
"datePublished": "2025-05-20T13:47:48.595Z",
"dateReserved": "2025-05-14T10:32:43.529Z",
"dateUpdated": "2025-05-20T14:23:17.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47936 (GCVE-0-2025-47936)
Vulnerability from cvelistv5 – Published: 2025-05-20 13:23 – Updated: 2025-05-20 13:59 – CWE-918 - Server-Side Request Forgery (SSRF)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T13:48:47.311067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:48:54.441Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.31"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.12 LTS, Webhooks are inherently vulnerable to Cross-Site Request Forgery (CSRF), which can be exploited by adversaries to target internal resources (e.g., localhost or other services on the local network). While this is not a vulnerability in TYPO3 itself, it may enable attackers to blindly access systems that would otherwise be inaccessible. An administrator-level backend user account is required to exploit this vulnerability. Users should update to TYPO3 version 12.4.31 LTS or 13.4.12 LTS to fix the problem."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:59:19.751Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p4xx-m758-3hpx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p4xx-m758-3hpx"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-012",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-012"
}
],
"source": {
"advisory": "GHSA-p4xx-m758-3hpx",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Vulnerable to Server Side Request Forgery via Webhooks"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47936",
"datePublished": "2025-05-20T13:23:52.952Z",
"dateReserved": "2025-05-14T10:32:43.529Z",
"dateUpdated": "2025-05-20T13:59:19.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55892 (GCVE-0-2024-55892)
Vulnerability from cvelistv5 – Published: 2025-01-14 20:01 – Updated: 2025-01-14 20:13 – CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T20:12:41.686181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:13:02.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.49"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. Applications that use `TYPO3\\CMS\\Core\\Http\\Uri` to parse externally provided URLs (e.g., via a query parameter) and validate the host of the parsed URL may be vulnerable to open redirect or SSRF attacks if the URL is used after passing the validation checks. Users are advised to update to TYPO3 versions 9.5.49 ELTS, 10.4.48 ELTS, 11.5.42 LTS, 12.4.25 LTS, 13.4.3 which fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:01:55.952Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-2fx5-pggv-6jjr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-2fx5-pggv-6jjr"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-002",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-002"
}
],
"source": {
"advisory": "GHSA-2fx5-pggv-6jjr",
"discovery": "UNKNOWN"
},
"title": "Potential Open Redirect via Parsing Differences in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55892",
"datePublished": "2025-01-14T20:01:55.952Z",
"dateReserved": "2024-12-12T15:03:39.206Z",
"dateUpdated": "2025-01-14T20:13:02.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55893 (GCVE-0-2024-55893)
Vulnerability from cvelistv5 – Published: 2025-01-14 20:00 – Updated: 2025-05-20 18:20
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55893",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:37:28.510769Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:44:53.027Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cLog Module\u201d allows attackers to remove log entries. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T18:20:53.394Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-cjfr-9f5r-3q93",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-cjfr-9f5r-3q93"
},
{
"name": "https://github.com/TYPO3-CMS/belog/commit/0eb171fcc5863c74f4890af0c6b3ccecb7e30cce",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/belog/commit/0eb171fcc5863c74f4890af0c6b3ccecb7e30cce"
},
{
"name": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9"
},
{
"name": "https://github.com/TYPO3-CMS/belog/commit/ece08246dbcea416ff97d4cc013bf24fb622fe5f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/belog/commit/ece08246dbcea416ff97d4cc013bf24fb622fe5f"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-003",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-003"
}
],
"source": {
"advisory": "GHSA-cjfr-9f5r-3q93",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Cross-Site Request Forgery in Log Module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55893",
"datePublished": "2025-01-14T20:00:15.247Z",
"dateReserved": "2024-12-12T15:03:39.206Z",
"dateUpdated": "2025-05-20T18:20:53.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55894 (GCVE-0-2024-55894)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:57 – Updated: 2025-05-20 17:58
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55894",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:45:57.430970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:46:08.424Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cBackend User Module\u201d allows attackers to initiate password resets for other backend users or to terminate their user sessions. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:58:00.457Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6w4x-gcx3-8p7v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6w4x-gcx3-8p7v"
},
{
"name": "https://github.com/TYPO3-CMS/beuser/commit/18603efc3a66d3255fdd04eb6bda6b4d6a95abea",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/beuser/commit/18603efc3a66d3255fdd04eb6bda6b4d6a95abea"
},
{
"name": "https://github.com/TYPO3-CMS/beuser/commit/1bb317cb2bc0b2f6ba4f758a088f060b36c67f9d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/beuser/commit/1bb317cb2bc0b2f6ba4f758a088f060b36c67f9d"
},
{
"name": "https://github.com/TYPO3-CMS/beuser/commit/4142112a878f8805234729751bc6b9c0091560ab",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3-CMS/beuser/commit/4142112a878f8805234729751bc6b9c0091560ab"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-004",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-004"
}
],
"source": {
"advisory": "GHSA-6w4x-gcx3-8p7v",
"discovery": "UNKNOWN"
},
"title": "TYPO3 Cross-Site Request Forgery in Backend User Module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55894",
"datePublished": "2025-01-14T19:57:28.172Z",
"dateReserved": "2024-12-12T15:03:39.206Z",
"dateUpdated": "2025-05-20T17:58:00.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55920 (GCVE-0-2024-55920)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:55 – Updated: 2025-01-15 15:47
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:46:58.987139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:47:07.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cDashboard Module\u201d allows attackers to manipulate the victim\u2019s dashboard configuration. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:55:42.459Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-qwx7-39pw-2mhr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-qwx7-39pw-2mhr"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-005",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-005"
}
],
"source": {
"advisory": "GHSA-qwx7-39pw-2mhr",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in Dashboard Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55920",
"datePublished": "2025-01-14T19:55:42.459Z",
"dateReserved": "2024-12-13T13:40:23.283Z",
"dateUpdated": "2025-01-15T15:47:07.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55921 (GCVE-0-2024-55921)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:36 – Updated: 2025-01-15 15:49
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55921",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:49:17.345047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:49:28.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cExtension Manager Module\u201d allows attackers to retrieve and install 3rd party extensions from the TYPO3 Extension Repository - which can lead to remote code execution in the worst case. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:36:32.439Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-4g52-pq8j-6qv5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-4g52-pq8j-6qv5"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-006",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-006"
}
],
"source": {
"advisory": "GHSA-4g52-pq8j-6qv5",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in Extension Manager Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55921",
"datePublished": "2025-01-14T19:36:32.439Z",
"dateReserved": "2024-12-13T13:40:23.283Z",
"dateUpdated": "2025-01-15T15:49:28.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55922 (GCVE-0-2024-55922)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:23 – Updated: 2025-01-14 19:42
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:42:02.361225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:42:15.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cForm Framework Module\u201d allows attackers to manipulate or delete persisted form definitions. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:23:16.769Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-ww7h-g2qf-7xv6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-ww7h-g2qf-7xv6"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-007",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-007"
}
],
"source": {
"advisory": "GHSA-ww7h-g2qf-7xv6",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in Form Framework Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55922",
"datePublished": "2025-01-14T19:23:16.769Z",
"dateReserved": "2024-12-13T13:40:23.283Z",
"dateUpdated": "2025-01-14T19:42:15.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55923 (GCVE-0-2024-55923)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:20 – Updated: 2025-01-15 15:01
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:01:18.778481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:01:28.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.48"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.25"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cIndexed Search Module\u201d allows attackers to delete items of the component. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:20:11.061Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7r5q-4qgx-v545",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7r5q-4qgx-v545"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-008",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-008"
}
],
"source": {
"advisory": "GHSA-7r5q-4qgx-v545",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in Indexed Search Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55923",
"datePublished": "2025-01-14T19:20:11.061Z",
"dateReserved": "2024-12-13T13:40:23.283Z",
"dateUpdated": "2025-01-15T15:01:28.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55924 (GCVE-0-2024-55924)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:16 – Updated: 2025-01-15 15:02
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:01:55.060402Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:02:04.879Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component \u201cScheduler Module\u201d allows attackers to trigger pre-defined command classes - which can lead to unauthorized import or export of data in the worst case. Users are advised to update to TYPO3 versions 11.5.42 ELTS which fixes the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:16:46.693Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7835-fcv3-g256",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-7835-fcv3-g256"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-009",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-009"
}
],
"source": {
"advisory": "GHSA-7835-fcv3-g256",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in Scheduler Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55924",
"datePublished": "2025-01-14T19:16:46.693Z",
"dateReserved": "2024-12-13T13:40:23.284Z",
"dateUpdated": "2025-01-15T15:02:04.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55945 (GCVE-0-2024-55945)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:14 – Updated: 2025-01-14 19:46
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:46:09.784893Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:46:24.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to `lax` or `none`. The vulnerability in the affected downstream component \u201cDB Check Module\u201d allows attackers to manipulate data through unauthorized actions. Users are advised to update to TYPO3 versions 11.5.42 ELTS which fixes the problem described. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:14:33.725Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mv3-37rc-pvxj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mv3-37rc-pvxj"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-010",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-010"
}
],
"source": {
"advisory": "GHSA-8mv3-37rc-pvxj",
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery in DB Check Module in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55945",
"datePublished": "2025-01-14T19:14:33.725Z",
"dateReserved": "2024-12-13T17:39:32.959Z",
"dateUpdated": "2025-01-14T19:46:24.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-55891 (GCVE-0-2024-55891)
Vulnerability from cvelistv5 – Published: 2025-01-14 19:11 – Updated: 2025-01-15 15:02 – CWE-532 - Insertion of Sensitive Information into Log File
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55891",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:02:31.065992Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:02:46.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003c 13.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. It has been discovered that the install tool password was logged in plaintext when the password hashing mechanism used for that password was incorrect. Users are advised to update to TYPO3 versions 13.4.3 ELTS which fixes the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:11:58.861Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38x7-cc6w-j27q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38x7-cc6w-j27q"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2025-001",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-001"
}
],
"source": {
"advisory": "GHSA-38x7-cc6w-j27q",
"discovery": "UNKNOWN"
},
"title": "Information Disclosure via Exception Handling/Logger in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55891",
"datePublished": "2025-01-14T19:11:58.861Z",
"dateReserved": "2024-12-12T15:03:39.205Z",
"dateUpdated": "2025-01-15T15:02:46.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47780 (GCVE-0-2024-47780)
Vulnerability from cvelistv5 – Published: 2024-10-08 17:57 – Updated: 2024-10-08 18:17 – CWE-863 - Incorrect Authorization
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T18:17:16.402927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T18:17:24.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.46"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.40"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.21"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to \"everybody.\" However, affected users could not manipulate these pages. Users are advised to update to TYPO3 versions 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, 13.3.1 that fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:57:21.523Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rf5m-h8q9-9w6q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rf5m-h8q9-9w6q"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-012",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-012"
}
],
"source": {
"advisory": "GHSA-rf5m-h8q9-9w6q",
"discovery": "UNKNOWN"
},
"title": "Information Disclosure in TYPO3 Page Tree"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47780",
"datePublished": "2024-10-08T17:57:21.523Z",
"dateReserved": "2024-09-30T21:28:53.236Z",
"dateUpdated": "2024-10-08T18:17:24.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34358 (GCVE-0-2024-34358)
Vulnerability from cvelistv5 – Published: 2024-05-14 14:26 – Updated: 2024-08-02 02:51
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "typo3",
"vendor": "typo3",
"versions": [
{
"lessThan": "9.5.48",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "10.4.45",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThan": "11.5.37",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThan": "12.4.15",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "13.1.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T15:43:40.290858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T15:46:38.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957"
},
{
"name": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14"
},
{
"name": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5"
},
{
"name": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-010",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.48"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.45"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.37"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.15"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the `ShowImageController` (`_eID tx_cms_showpic_`) lacks a cryptographic HMAC-signature on the `frame` HTTP query parameter (e.g. `/index.php?eID=tx_cms_showpic?file=3\u0026...\u0026frame=12345`). This allows adversaries to instruct the system to produce an arbitrary number of thumbnail images on the server side. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T14:26:36.422Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957"
},
{
"name": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14"
},
{
"name": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5"
},
{
"name": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-010",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-010"
}
],
"source": {
"advisory": "GHSA-36g8-62qv-5957",
"discovery": "UNKNOWN"
},
"title": "TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34358",
"datePublished": "2024-05-14T14:26:36.422Z",
"dateReserved": "2024-05-02T06:36:32.438Z",
"dateUpdated": "2024-08-02T02:51:11.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34357 (GCVE-0-2024-34357)
Vulnerability from cvelistv5 – Published: 2024-05-14 14:13 – Updated: 2024-08-02 02:51 – CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T15:47:12.578608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T15:47:27.316Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m"
},
{
"name": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7"
},
{
"name": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee"
},
{
"name": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-009",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.48"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.45"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.37"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.15"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the `ShowImageController` (`_eID tx_cms_showpic_`) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T14:25:53.339Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m"
},
{
"name": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7"
},
{
"name": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee"
},
{
"name": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-009",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-009"
}
],
"source": {
"advisory": "GHSA-hw6c-6gwq-3m3m",
"discovery": "UNKNOWN"
},
"title": "TYPO3 vulnerable to Cross-Site Scripting in ShowImageController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34357",
"datePublished": "2024-05-14T14:13:11.860Z",
"dateReserved": "2024-05-02T06:36:32.438Z",
"dateUpdated": "2024-08-02T02:51:11.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34356 (GCVE-0-2024-34356)
Vulnerability from cvelistv5 – Published: 2024-05-14 14:05 – Updated: 2024-08-02 02:51 – CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34356",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T15:21:11.529326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:04.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3"
},
{
"name": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156"
},
{
"name": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5"
},
{
"name": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-008",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.48"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.45"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.37"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.15"
},
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the form manager backend module is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to the form module. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1 fix the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T14:05:19.851Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3"
},
{
"name": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156"
},
{
"name": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5"
},
{
"name": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-008",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-008"
}
],
"source": {
"advisory": "GHSA-v6mw-h7w6-59w3",
"discovery": "UNKNOWN"
},
"title": "TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34356",
"datePublished": "2024-05-14T14:05:19.851Z",
"dateReserved": "2024-05-02T06:36:32.438Z",
"dateUpdated": "2024-08-02T02:51:11.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34355 (GCVE-0-2024-34355)
Vulnerability from cvelistv5 – Published: 2024-05-14 14:01 – Updated: 2024-08-02 02:51
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:21:14.096134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:41.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc"
},
{
"name": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-007",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an enterprise content management system. Starting in version 13.0.0 and prior to version 13.1.1, the history backend module is vulnerable to HTML injection. Although Content-Security-Policy headers effectively prevent JavaScript execution, adversaries can still inject malicious HTML markup. Exploiting this vulnerability requires a valid backend user account. TYPO3 version 13.1.1 fixes the problem described."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T14:01:32.753Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc"
},
{
"name": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-007",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-007"
}
],
"source": {
"advisory": "GHSA-xjwx-78x7-q6jc",
"discovery": "UNKNOWN"
},
"title": "TYPO3 vulnerable to an HTML Injection in the History Module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34355",
"datePublished": "2024-05-14T14:01:32.753Z",
"dateReserved": "2024-05-02T06:36:32.438Z",
"dateUpdated": "2024-08-02T02:51:11.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25118 (GCVE-0-2024-25118)
Vulnerability from cvelistv5 – Published: 2024-02-13 22:19 – Updated: 2024-08-01 23:36 – CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T17:58:02.961049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:35:53.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-003",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.0.1"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.11"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.35"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.43"
},
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.46"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.7.57"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T22:19:22.690Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-003",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-003"
}
],
"source": {
"advisory": "GHSA-38r2-5695-334w",
"discovery": "UNKNOWN"
},
"title": "Information Disclosure of Hashed Passwords in TYPO3 Backend Forms"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25118",
"datePublished": "2024-02-13T22:19:22.690Z",
"dateReserved": "2024-02-05T14:14:46.379Z",
"dateUpdated": "2024-08-01T23:36:21.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25119 (GCVE-0-2024-25119)
Vulnerability from cvelistv5 – Published: 2024-02-13 22:16 – Updated: 2024-08-01 23:36 – CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-14T15:01:19.406111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:35:39.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.0.1"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.11"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.35"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.43"
},
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.46"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.7.57"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS[\u0027SYS\u0027][\u0027encryptionKey\u0027]` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T22:16:37.103Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-004",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-004"
}
],
"source": {
"advisory": "GHSA-h47m-3f78-qp9g",
"discovery": "UNKNOWN"
},
"title": "Information Disclosure of Encryption Key in TYPO3 Install Tool"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25119",
"datePublished": "2024-02-13T22:16:37.103Z",
"dateReserved": "2024-02-05T14:14:46.379Z",
"dateUpdated": "2024-08-01T23:36:21.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25120 (GCVE-0-2024-25120)
Vulnerability from cvelistv5 – Published: 2024-02-13 22:15 – Updated: 2025-04-24 15:38
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-14T15:55:10.696116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T15:38:47.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wf85-8hx9-gj7c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wf85-8hx9-gj7c"
},
{
"name": "https://docs.typo3.org/m/typo3/reference-typoscript/main/en-us/Functions/Typolink.html#resource-references",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.typo3.org/m/typo3/reference-typoscript/main/en-us/Functions/Typolink.html#resource-references"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-005",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-005"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.0.1"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.11"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.35"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.43"
},
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.46"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.7.57"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. The TYPO3-specific `t3://` URI scheme could be used to access resources outside of the users\u0027 permission scope. This encompassed files, folders, pages, and records (although only if a valid link-handling configuration was provided). Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T22:15:13.294Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wf85-8hx9-gj7c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-wf85-8hx9-gj7c"
},
{
"name": "https://docs.typo3.org/m/typo3/reference-typoscript/main/en-us/Functions/Typolink.html#resource-references",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.typo3.org/m/typo3/reference-typoscript/main/en-us/Functions/Typolink.html#resource-references"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-005",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-005"
}
],
"source": {
"advisory": "GHSA-wf85-8hx9-gj7c",
"discovery": "UNKNOWN"
},
"title": "Improper Access Control of Resources Referenced by t3:// URI Scheme in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25120",
"datePublished": "2024-02-13T22:15:13.294Z",
"dateReserved": "2024-02-05T14:14:46.379Z",
"dateUpdated": "2025-04-24T15:38:47.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25121 (GCVE-0-2024-25121)
Vulnerability from cvelistv5 – Published: 2024-02-13 22:14 – Updated: 2025-05-09 18:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-006",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T19:07:53.501790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:30:22.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "typo3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.0.1"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.4.11"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.5.35"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.43"
},
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.46"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.7.57"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via `DataHandler`. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage (\"zero-storage\") is used as a backward compatibility layer for files located outside properly configured file storages and within the public web root directory. Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 version 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, or 13.0.1 which fix the problem described. When persisting entities of the File Abstraction Layer directly via DataHandler, `sys_file` entities are now denied by default, and `sys_file_reference` \u0026 `sys_file_metadata` entities are not permitted to reference files in the fallback storage anymore. When importing data from secure origins, this must be explicitly enabled in the corresponding DataHandler instance by using `$dataHandler-\u003eisImporting = true;`.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T22:14:40.926Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-006",
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-006"
}
],
"source": {
"advisory": "GHSA-rj3x-wvc6-5j66",
"discovery": "UNKNOWN"
},
"title": "Improper Access Control Persisting File Abstraction Layer Entities via Data Handler in TYPO3"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25121",
"datePublished": "2024-02-13T22:14:40.926Z",
"dateReserved": "2024-02-05T14:14:46.379Z",
"dateUpdated": "2025-05-09T18:30:22.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}