CVE-2025-48203

🗓️ 21 May 2025 00:00:00Reported by mitreType

XSS vulnerability in cs_seo extension for TYPO3 versions up to 9.2.0.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2025-48203	21 May 202517:18	–	circl
CNNVD	TYPO3 cs_seo 安全漏洞	21 May 202500:00	–	cnnvd
Cvelist	CVE-2025-48203	21 May 202500:00	–	cvelist
EUVD	EUVD-2025-16027	3 Oct 202520:07	–	euvd
Friends Of PHP	TYPO3-EXT-SA-2025-005: Cross-Site Scripting in extension "[clickstorm] SEO" (cs_seo)	20 May 202508:59	–	friendsofphp
Github Security Blog	[clickstorm] SEO (cs_seo) TYPO3 extension Cross-site Scripting (XSS) vulnerability	21 May 202517:18	–	github
NVD	CVE-2025-48203	21 May 202516:15	–	nvd
OSV	GHSA-6P8W-PC35-MQV8 [clickstorm] SEO (cs_seo) TYPO3 extension Cross-site Scripting (XSS) vulnerability	21 May 202517:18	–	osv
Positive Technologies	PT-2025-22372	21 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-48203	23 May 202500:22	–	redhatcve

Vulners

Node

typo3 cs_seo_extensionRange6.3.0–6.8.0

typo3 cs_seo_extensionRange7.0.0–7.5.0

typo3 cs_seo_extensionRange8.0.0–8.4.0

typo3 cs_seo_extensionRange9.0.0–9.3.0

[
  {
    "defaultStatus": "unknown",
    "product": "cs seo extension",
    "vendor": "TYPO3",
    "versions": [
      {
        "lessThan": "6.8.0",
        "status": "affected",
        "version": "6.3.0",
        "versionType": "semver"
      },
      {
        "lessThan": "7.5.0",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "8.4.0",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "9.3.0",
        "status": "affected",
        "version": "9.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
typo3	www.typo3.org/security/advisory/typo3-ext-sa-2025-005

15 Apr 2026 00:35Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.4

EPSS0.00172

SSVC

CWE-79