CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-47939 – TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer
https://notcve.org/view.php?id=CVE-2025-47939
20 May 2025 — TYPO3 is an open source, PHP based web content management system. By design, the file management module in TYPO3’s backend user interface has historically allowed the upload of any file type, with the exception of those that are directly executable in a web server context. This lack of restriction means it is possible to upload files that may be considered potentially harmful, such as executable binaries (e.g., `.exe` files), or files with inconsistent file extensions and MIME types (for example, a file inc... • https://github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj • CWE-351: Insufficient Type Distinction CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2025-47938 – TYPO3 Vulnerable to Unverified Password Change for Backend Users
https://notcve.org/view.php?id=CVE-2025-47938
20 May 2025 — TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, the backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized acce... • https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9 • CWE-620: Unverified Password Change •
CVSS: 3.7EPSS: 0%CPEs: 5EXPL: 0CVE-2025-47937 – TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling
https://notcve.org/view.php?id=CVE-2025-47937
20 May 2025 — TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer (DBAL), frontend user permissions are only applied via `FrontendGroupRestriction` to the first table. As a result, data from additional tables included in the same query may be unintentionally exposed to unauthorized users. Users... • https://github.com/TYPO3/typo3/security/advisories/GHSA-x8pv-fgxp-8v3x • CWE-863: Incorrect Authorization •
CVSS: 4.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-55892 – Potential Open Redirect via Parsing Differences in TYPO3
https://notcve.org/view.php?id=CVE-2024-55892
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. Applications that use `TYPO3\CMS\Core\Http\Uri` to parse externally provided URLs (e.g., via a query parameter) and validate the host of the parsed URL may be vulnerable to open redirect or SSRF attacks if the URL is used after passing the validation checks. Users are advised to update to TYPO3 versions 9.5.49 ELTS, 10.4.48 ELTS, 11.5.42 LTS, 12.4.25 LTS, 13.4.3 which fix the problem described. There are no known workarounds for this vulnerabilit... • https://github.com/TYPO3/typo3/security/advisories/GHSA-2fx5-pggv-6jjr • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55891 – Information Disclosure via Exception Handling/Logger in TYPO3
https://notcve.org/view.php?id=CVE-2024-55891
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. It has been discovered that the install tool password has been logged as plaintext in case the password hashing mechanism used for the password was incorrect. Users are advised to update to TYPO3 versions 13.4.3 ELTS which fixes the problem described. There are no known workarounds for this vulnerability. • https://github.com/TYPO3/typo3/security/advisories/GHSA-38x7-cc6w-j27q • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-34358 – TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
https://notcve.org/view.php?id=CVE-2024-34358
14 May 2024 — TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the `ShowImageController` (`_eID tx_cms_showpic_`) lacks a cryptographic HMAC-signature on the `frame` HTTP query parameter (e.g. `/index.php?eID=tx_cms_showpic?file=3&... • https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-34357 – TYPO3 vulnerable to Cross-Site Scripting in ShowImageController
https://notcve.org/view.php?id=CVE-2024-34357
14 May 2024 — TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the `ShowImageController` (`_eID tx_cms_showpic_`) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem de... • https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-34356 – TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module
https://notcve.org/view.php?id=CVE-2024-34356
14 May 2024 — TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the form manager backend module is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to the form module. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1 fix the problem described. TYPO3 es un sistema de gestión de contenidos empresariales. • https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-25118 – Information Disclosure of Hashed Passwords in TYPO3 Backend Forms
https://notcve.org/view.php?id=CVE-2024-25118
13 Feb 2024 — TYPO3 is an open source PHP based web content management system released under the GNU GPL. Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described. • https://github.com/TYPO3/typo3/security/advisories/GHSA-38r2-5695-334w • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-25119 – Information Disclosure of Encryption Key in TYPO3 Install Tool
https://notcve.org/view.php?id=CVE-2024-25119
13 Feb 2024 — TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to generate cryptographic hashes used for verifying the authenticity of HTTP request parameters. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. Users are advised to upda... • https://github.com/TYPO3/typo3/security/advisories/GHSA-h47m-3f78-qp9g • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •