CNNVD-202511-1427 Information

CNNVD ID

CNNVD-202511-1427

Related CVE

CVE-2025-12998

• CNNVD Published: 2025-11-12

Description (Chinese)

TYPO3 Extension Modules是TYPO3开源的一个内容管理系统中的扩展模块。 TYPO3 Extension Modules存在安全漏洞，该漏洞源于身份验证不当。以下版本受到影响：4.3.11之前版本、5.0.0版本至5.7.4版本、6.0.0版本至6.4.2版本和7.0.0版本至7.5.5版本。

Description (English)

TYPO3 Expression Modules is an extended module in a TYPO3 open-source content management system. There is a security loophole in TYPO3 Extension Modules, which stems from improper identification. The following versions were affected: pre-4.3.11, 5.0.0 to 5.7.4, 6.0.0 to 6.4.2 and 7.0.0 to 7.5.5.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TYPO3

Published

2025-11-12

Last Modified

2026-02-24

References

https://typo3.org/security/advisory/typo3-ext-sa-2025-015 https://vigilance.fr/vulnerability/TYPO3-Modules-user-access-via-allowNonAdminUsersToLoginAsFrontendUser-48735

Patch

https://typo3.org/security/advisory/typo3-ext-sa-2025-015