Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TYPO3 — Vulnerabilities & Security Advisories 58

All 58 CVE vulnerabilities found in TYPO3, with AI-generated Chinese analysis, references, and POCs.

Vendor: TYPO3

CVE IDTitleCVSSSeverityPublished
CVE-2025-47941 TYPO3 Has Broken Authentication in Backend MFA CWE-288 7.2 High2025-05-20
CVE-2025-47940 TYPO3 CMS Vulnerable to Privilege Escalation to System Maintainer CWE-283 7.2 High2025-05-20
CVE-2025-47939 TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer CWE-351 5.4 Medium2025-05-20
CVE-2025-47938 TYPO3 Vulnerable to Unverified Password Change for Backend Users CWE-620 3.8 Low2025-05-20
CVE-2025-47937 TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling CWE-863 3.7 Low2025-05-20
CVE-2025-47936 TYPO3 Vulnerable to Server Side Request Forgery via Webhooks CWE-918 3.3 Low2025-05-20
CVE-2024-55892 Potential Open Redirect via Parsing Differences in TYPO3 CWE-601 4.8 Medium2025-01-14
CVE-2024-55893 TYPO3 Cross-Site Request Forgery in Log Module CWE-352 4.3 Medium2025-01-14
CVE-2024-55894 TYPO3 Cross-Site Request Forgery in Backend User Module CWE-352 4.3 Medium2025-01-14
CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3 CWE-352 4.3 Medium2025-01-14
CVE-2024-55921 Cross-Site Request Forgery in Extension Manager Module in TYPO3 CWE-352 7.5 High2025-01-14
CVE-2024-55922 Cross-Site Request Forgery in Form Framework Module in TYPO3 CWE-352 5.4 Medium2025-01-14
CVE-2024-55923 Cross-Site Request Forgery in Indexed Search Module in TYPO3 CWE-352 4.3 Medium2025-01-14
CVE-2024-55924 Cross-Site Request Forgery in Scheduler Module in TYPO3 CWE-352 8.0 High2025-01-14
CVE-2024-55945 Cross-Site Request Forgery in DB Check Module in TYPO3 CWE-352 4.3 Medium2025-01-14
CVE-2024-55891 Information Disclosure via Exception Handling/Logger in TYPO3 CWE-532 3.1 Low2025-01-14
CVE-2024-47780 Information Disclosure in TYPO3 Page Tree CWE-863 3.1 Low2024-10-08
CVE-2024-34358 TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController CWE-347 5.3 Medium2024-05-14
CVE-2024-34357 TYPO3 vulnerable to Cross-Site Scripting in ShowImageController CWE-79 5.4 Medium2024-05-14
CVE-2024-34356 TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module CWE-79 5.4 Medium2024-05-14
CVE-2024-34355 TYPO3 vulnerable to an HTML Injection in the History Module CWE-116 3.5 Low2024-05-14
CVE-2024-25118 Information Disclosure of Hashed Passwords in TYPO3 Backend Forms CWE-200 4.3 Medium2024-02-13
CVE-2024-25119 Information Disclosure of Encryption Key in TYPO3 Install Tool CWE-200 4.9 Medium2024-02-13
CVE-2024-25120 Improper Access Control of Resources Referenced by t3:// URI Scheme in TYPO3 CWE-200 4.3 Medium2024-02-13
CVE-2024-25121 Improper Access Control Persisting File Abstraction Layer Entities via Data Handler in TYPO3 CWE-200 7.1 High2024-02-13
CVE-2023-47126 Information Disclosure in Install Tool in typo3/cms-install CWE-200 3.7 Low2023-11-14
CVE-2023-47127 Weak Authentication in Session Handling in typo3/cms-core CWE-302 4.2 Medium2023-11-14
CVE-2023-38499 typo3/cms-core Information Disclosure due to Out-of-scope Site Resolution CWE-200 3.7 Low2023-07-25
CVE-2023-24814 Persisted Cross-Site Scripting in Frontend Rendering in typo3 CWE-79 8.8 High2023-02-07
CVE-2022-23504 TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration CWE-200 5.7 Medium2022-12-14

All 58 known CVE vulnerabilities affecting TYPO3 with full Chinese analysis, references, and POCs where available.