
CVE-2025-47940 – TYPO3 CMS Vulnerable to Privilege Escalation to System Maintainer
https://notcve.org/view.php?id=CVE-2025-47940
20 May 2025 — TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.
https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844
CWE-283: Unverified Ownership

CVE-2025-47939 – TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer
https://notcve.org/view.php?id=CVE-2025-47939
20 May 2025 — TYPO3 is an open source, PHP based web content management system. By design, the file management module in TYPO3’s backend user interface has historically allowed the upload of any file type, with the exception of those that are directly executable in a web server context. This lack of restriction means it is possible to upload files that may be considered potentially harmful, such as executable binaries (e.g., `.exe` files), or files with inconsistent file extensions and MIME types (for example, a file inc...
https://github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj
CWE-351: Insufficient Type Distinction
CWE-434: Unrestricted Upload of File with Dangerous Type

CVE-2025-47938 – TYPO3 Vulnerable to Unverified Password Change for Backend Users
https://notcve.org/view.php?id=CVE-2025-47938
20 May 2025 — TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, the backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized acce...
https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9
CWE-620: Unverified Password Change

CVE-2025-47937 – TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling
https://notcve.org/view.php?id=CVE-2025-47937
20 May 2025 — TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer (DBAL), frontend user permissions are only applied via `FrontendGroupRestriction` to the first table. As a result, data from additional tables included in the same query may be unintentionally exposed to unauthorized users. Users...
https://github.com/TYPO3/typo3/security/advisories/GHSA-x8pv-fgxp-8v3x
CWE-863: Incorrect Authorization

CVE-2024-55892 – Potential Open Redirect via Parsing Differences in TYPO3
https://notcve.org/view.php?id=CVE-2024-55892
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. Applications that use `TYPO3\CMS\Core\Http\Uri` to parse externally provided URLs (e.g., via a query parameter) and validate the host of the parsed URL may be vulnerable to open redirect or SSRF attacks if the URL is used after passing the validation checks. Users are advised to update to TYPO3 versions 9.5.49 ELTS, 10.4.48 ELTS, 11.5.42 LTS, 12.4.25 LTS, 13.4.3 which fix the problem described. There are no known workarounds for this vulnerabilit...
https://github.com/TYPO3/typo3/security/advisories/GHSA-2fx5-pggv-6jjr
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE-2024-55893 – TYPO3 Cross-Site Request Forgery in Log Module
https://notcve.org/view.php?id=CVE-2024-55893
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backen...
https://github.com/TYPO3/typo3/security/advisories/GHSA-cjfr-9f5r-3q93
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-749: Exposed Dangerous Method or Function

CVE-2024-55894 – TYPO3 Cross-Site Request Forgery in Backend User Module
https://notcve.org/view.php?id=CVE-2024-55894
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backen...
https://github.com/TYPO3/typo3/security/advisories/GHSA-6w4x-gcx3-8p7v
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-749: Exposed Dangerous Method or Function

CVE-2024-55920 – Cross-Site Request Forgery in Dashboard Module in TYPO3
https://notcve.org/view.php?id=CVE-2024-55920
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backen...
https://github.com/TYPO3/typo3/security/advisories/GHSA-qwx7-39pw-2mhr
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-749: Exposed Dangerous Method or Function

CVE-2024-55921 – Cross-Site Request Forgery in Extension Manager Module in TYPO3
https://notcve.org/view.php?id=CVE-2024-55921
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backen...
https://github.com/TYPO3/typo3/security/advisories/GHSA-4g52-pq8j-6qv5
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-749: Exposed Dangerous Method or Function

CVE-2024-55922 – Cross-Site Request Forgery in Form Framework Module in TYPO3
https://notcve.org/view.php?id=CVE-2024-55922
14 Jan 2025 — TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backen...
https://github.com/TYPO3/typo3/security/advisories/GHSA-ww7h-g2qf-7xv6
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-749: Exposed Dangerous Method or Function