CNNVD-202509-1417 Information

CNNVD ID

CNNVD-202509-1417

Related CVE

CVE-2025-59013

• CNNVD Published: 2025-09-09

Description (Chinese)

TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS存在安全漏洞，该漏洞源于GeneralUtility::sanitizeLocalUrl存在开放重定向，可能导致钓鱼攻击。以下版本受到影响：9.5.54及之前版本、10.4.53及之前版本、11.5.47及之前版本、12.4.36及之前版本和13.4.17及之前版本。

Description (English)

TYPO3 CMS is a TYPO3 open source content management system. There is a security loophole in TYPO3 CMS, which stems from the open re-direction of General Utility: :sanitizeLocalurl, which may lead to fishing attacks. The following versions were affected: 9.5.54 and earlier, 10.4.53 and earlier, 11..5.47 and earlier, 12.4.3 and before and 13.4.17 and earlier.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TYPO3

Published

2025-09-09

Last Modified

2026-02-24

References

https://typo3.org/security/advisory/typo3-core-sa-2025-017 https://vigilance.fr/vulnerability/TYPO3-Core-open-redirect-via-sanitizeLocalUrl-48161

Patch

https://get.typo3.org/