CNNVD-202509-1413 Information

CNNVD ID

CNNVD-202509-1413

Related CVE

CVE-2025-59017

• CNNVD Published: 2025-09-09

Description (Chinese)

TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS存在安全漏洞，该漏洞源于后端路由缺少授权检查，可能导致未经授权的AJAX调用。以下版本受到影响：9.5.54及之前版本、10.4.53及之前版本、11.5.47及之前版本、12.4.36及之前版本和13.4.17及之前版本。

Description (English)

TYPO3 CMS is a TYPO3 open source content management system. There is a security loophole in TYPO3 CMS, which stems from the lack of authorization to check back-end routes, which could lead to unauthorized AJAX calls. The following versions were affected: 9.5.54 and earlier, 10.4.53 and earlier, 11..5.47 and earlier, 12.4.3 and before and 13.4.17 and earlier.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

TYPO3

Published

2025-09-09

Last Modified

2026-02-24

References

https://typo3.org/security/advisory/typo3-core-sa-2025-021 https://vigilance.fr/vulnerability/TYPO3-Core-ingress-filtrering-bypass-via-Backend-AJAX-Routes-48165

Patch

https://get.typo3.org/