CNNVD-202601-2302 Information
CNNVD ID
CNNVD-202601-2302
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS存在安全漏洞,该漏洞源于邮件文件暂存反序列化缺陷,可能导致任意PHP代码执行。以下版本受到影响:10.0.0版本至10.4.54版本、11.0.0版本至11.5.48版本、12.0.0版本至12.4.40版本、13.0.0版本至13.4.22版本和14.0.0版本至14.0.1版本。
Description (English)
TYPO3 CMS is a TYPO3 open source content management system. There is a security gap in TYPO3 CMS, which stems from the temporary inverse sequenced deficiencies of mail files, which may lead to any PHP code execution. The following versions are affected: 10.0.0 to 10.4.54, 11.0.0 to 11.5.48, 12.0.0 to 12.4.40, 13.0.0 to 13.4.2 and 14.0.0 to 14.0.1.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
TYPO3
Published
2026-01-13
Last Modified
2026-02-24
References
https://github.com/TYPO3/typo3/commit/3225d705080a1bde57a66689621c947da5a4782f https://github.com/TYPO3/typo3/commit/722bf71c118b0a8e4f2c2494854437d846799a13 https://github.com/TYPO3/typo3/commit/e0f0ceee480c203fbb60b87454f5f193e541d27f https://typo3.org/security/advisory/typo3-core-sa-2026-004
Patch
https://typo3.org/security/advisory/typo3-core-sa-2026-004
Share on: