CNNVD-202509-1412 Information

CNNVD ID

CNNVD-202509-1412

Related CVE

CVE-2025-59018

• CNNVD Published: 2025-09-09

Description (Chinese)

TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS存在安全漏洞，该漏洞源于工作区模块缺少授权检查，可能导致敏感信息泄露。以下版本受到影响：9.5.54及之前版本、10.4.53及之前版本、11.5.47及之前版本、12.4.36及之前版本和13.4.17及之前版本。

Description (English)

TYPO3 CMS is a TYPO3 open source content management system. There is a security loophole in TYPO3 CMS, which stems from the lack of authorization for inspection of work area modules, which may lead to the disclosure of sensitive information. The following versions were affected: 9.5.54 and earlier, 10.4.53 and earlier, 11..5.47 and earlier, 12.4.3 and before and 13.4.17 and earlier.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TYPO3

Published

2025-09-09

Last Modified

2026-02-24

References

https://typo3.org/security/advisory/typo3-core-sa-2025-021 https://www.cve.org/CVERecord?id=CVE-2025-59017 https://vigilance.fr/vulnerability/TYPO3-Core-information-disclosure-via-Workspaces-Module-48166

Patch

https://get.typo3.org/