Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TYPO3 — Vulnerabilities & Security Advisories 118

Browse all 118 CVE security advisories affecting TYPO3. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by TYPO3:TYPO3TYPO3 CMSTYPO3.CMShtml-sanitizerns backup extensionFluidsr feuser register extensionExtension "Mailqueue"Extension "E-Mail MFA Provider"Extension "Redirect Tabs"Extension "Modules"Extension "Form to Database" (form_to_database)Extension "TYPO3 Backup Plus"Extension "femanager"Extension "powermail"cs seo extensionreint downloadmanager extensionfemanager extensionoidc
CVE IDTitleCVSSSeverityPublished
CVE-2026-6553 TYPO3 CMS Stores Cleartext Password in User Settings Module — TYPO3 CMSCWE-312 6.5AIMediumAI2026-04-21
CVE-2026-4208 Authentication Bypass in extension "E-Mail MFA Provider" (mfa_email) — Extension "E-Mail MFA Provider"CWE-639 8.1AIHighAI2026-03-17
CVE-2026-4202 Broken Access Control in extension "Redirect Tab" — Extension "Redirect Tabs"CWE-862 5.4AIMediumAI2026-03-17
CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue) — Extension "Mailqueue"CWE-502 8.8AIHighAI2026-03-17
CVE-2026-0895 Insecure Deserialization in extension "Mailqueue" (mailqueue) — Extension "Mailqueue"CWE-502 9.8AICriticalAI2026-01-20
CVE-2026-0859 TYPO3 CMS Allows Insecure Deserialization via Mailer File Spool — TYPO3 CMSCWE-502 7.8AIHighAI2026-01-13
CVE-2025-59022 TYPO3 CMS Allows Broken Access Control in Recycler Module — TYPO3 CMSCWE-862 8.1AIHighAI2026-01-13
CVE-2025-59021 TYPO3 CMS Allows Broken Access Control in Redirects Module — TYPO3 CMSCWE-862 4.6AIMediumAI2026-01-13
CVE-2025-59020 TYPO3 CMS Allows Broken Access Control in Edit Document Controller — TYPO3 CMSCWE-863 4.3AIMediumAI2026-01-13
CVE-2025-12998 Broken Authentication in extension “Modules” (modules) — Extension "Modules"CWE-287 9.1 -2025-11-12
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database) — Extension "Form to Database" (form_to_database)CWE-79 6.1AIMediumAI2025-09-16
CVE-2025-59019 Information Disclosure via CSV Download — TYPO3 CMSCWE-200 6.5AIMediumAI2025-09-09
CVE-2025-59018 Information Disclosure in Workspaces Module — TYPO3 CMSCWE-200 6.5AIMediumAI2025-09-09
CVE-2025-59017 Broken Access Control in Backend AJAX Routes — TYPO3 CMSCWE-862 8.8AIHighAI2025-09-09
CVE-2025-59016 Information Disclosure via File Abstraction Layer — TYPO3 CMSCWE-209 4.3AIMediumAI2025-09-09
CVE-2025-59015 Insufficient Entropy in Password Generation — TYPO3 CMSCWE-331 9.8AICriticalAI2025-09-09
CVE-2025-59014 Denial of Service in TYPO3 Bookmark Toolbar — TYPO3 CMSCWE-248 4.9AIMediumAI2025-09-09
CVE-2025-59013 Open Redirect in TYPO3 CMS — TYPO3 CMSCWE-601 6.1AIMediumAI2025-09-09
CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup) — Extension "TYPO3 Backup Plus"CWE-78 9.8AICriticalAI2025-09-02
CVE-2025-7900 Insecure Direct Object Reference in extension "femanager" (femanager) — Extension "femanager"CWE-639 4.3 -2025-07-22
CVE-2025-7899 Insecure Direct Object Reference in extension "powermail" (powermail) — Extension "powermail"CWE-639 7.5 -2025-07-22
CVE-2025-48200 TYPO3 安全漏洞 — sr feuser register extensionCWE-502 10.0 Critical2025-05-21
CVE-2025-48205 TYPO3 安全漏洞 — sr feuser register extensionCWE-425 8.6 High2025-05-21
CVE-2025-48201 TYPO3 安全漏洞 — ns backup extensionCWE-425 8.6 High2025-05-21
CVE-2025-48206 TYPO3 安全漏洞 — ns backup extensionCWE-79 6.1AIMediumAI2025-05-21
CVE-2025-48202 TYPO3 femanager 安全漏洞 — femanager extensionCWE-425 5.3 Medium2025-05-21
CVE-2025-48203 TYPO3 cs_seo 安全漏洞 — cs seo extensionCWE-79 6.4 Medium2025-05-21
CVE-2025-48207 TYPO3 安全漏洞 — reint downloadmanager extensionCWE-425 8.6 High2025-05-21
CVE-2025-48204 TYPO3 安全漏洞 — ns backup extensionCWE-78 6.8 Medium2025-05-21
CVE-2025-47941 TYPO3 Has Broken Authentication in Backend MFA — typo3CWE-288 7.2 High2025-05-20

This page lists every published CVE security advisory associated with TYPO3. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.