CVE-2024-55923 Cross-Site Request Forgery in Indexed Search Module in TYPO3

🗓️ 14 Jan 2025 19:20:11Reported by GitHub_MType

Vulnerability in TYPO3 allows Cross-Site Request Forgery via Indexed Search Module and misconfigurations.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2024-55923	14 Jan 202520:16	–	circl
CNNVD	TYPO3 安全漏洞	14 Jan 202500:00	–	cnnvd
CVE	CVE-2024-55923	14 Jan 202519:20	–	cve
EUVD	EUVD-2025-0058	3 Oct 202520:07	–	euvd
Github Security Blog	TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery	14 Jan 202515:40	–	github
NVD	CVE-2024-55923	14 Jan 202520:15	–	nvd
OSV	CVE-2024-55923 Cross-Site Request Forgery in Indexed Search Module in TYPO3	14 Jan 202519:20	–	osv
OSV	GHSA-7R5Q-4QGX-V545 TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery	14 Jan 202515:40	–	osv
Positive Technologies	PT-2025-3151 · Typo3 · Typo3	14 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-55923	23 May 202507:40	–	redhatcve

[
  {
    "vendor": "TYPO3",
    "product": "typo3",
    "versions": [
      {
        "version": ">= 10.0.0, < 10.4.48",
        "status": "affected"
      },
      {
        "version": ">= 11.0.0, < 11.5.42",
        "status": "affected"
      },
      {
        "version": ">= 12.0.0, < 12.4.25",
        "status": "affected"
      },
      {
        "version": ">= 13.0.0, < 13.4.3",
        "status": "affected"
      }
    ]
  }
]

Source	Link
typo3	www.typo3.org/security/advisory/typo3-core-sa-2025-008
github	www.github.com/TYPO3/typo3/security/advisories/GHSA-7r5q-4qgx-v545

14 Jan 2025 19:20Current

CVSS 3.14.3

EPSS0.00188