Cross-Site-Request-Forgery in Backend

🗓️ 05 Oct 2021 20:23:47Reported by GitHub Advisory DatabaseType

Cross-Site-Request-Forgery in TYPO3 v11 Backend. Vulnerability allows unauthorized users to create admin accoun

Reporter	Title	Published	Views	Family All 19
Circl	CVE-2021-41113	5 Oct 202122:30	–	circl
CNNVD	TYPO3 跨站请求伪造漏洞	5 Oct 202100:00	–	cnnvd
CNVD	TYPO3 cross-site request forgery vulnerability	10 Oct 202100:00	–	cnvd
CVE	CVE-2021-41113	5 Oct 202117:20	–	cve
Cvelist	CVE-2021-41113 Cross-Site-Request-Forgery in Backend URI Handling in Typo3	5 Oct 202117:20	–	cvelist
EUVD	EUVD-2021-2166	7 Oct 202500:30	–	euvd
Friends Of PHP	TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling	5 Oct 202111:02	–	friendsofphp
Friends Of PHP	TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling	5 Oct 202111:02	–	friendsofphp
NCSC	Vulnerability fixed in Typo3	6 Oct 202100:00	–	ncsc
NVD	CVE-2021-41113	5 Oct 202118:15	–	nvd

Vulners

Node

typo3 cms-coreRange11.2.0–11.5.0composer

Source	Link
github	www.github.com/TYPO3/typo3/security/advisories/GHSA-657m-v5vm-f6rw
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-11069
github	www.github.com/TYPO3/typo3/commit/fa51999203c5e5d913ecae5ea843ccb2b95fa33f
typo3	www.typo3.org/security/advisory/typo3-core-sa-2020-006
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-41113
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-41113.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-41113.yaml
typo3	www.typo3.org/security/advisory/typo3-core-sa-2021-014
github	www.github.com/advisories/GHSA-657m-v5vm-f6rw

05 Feb 2024 11:18Current

2.1Low risk

Vulners AI Score2.1

CVSS 26.8

CVSS 3.18.8

EPSS0.00244