TYPO3 Cross-Site Request Forgery in Log Module

🗓️ 14 Jan 2025 15:24:52Reported by GitHub Advisory DatabaseType

Vulnerability in TYPO3 Log Module allows Cross-Site Request Forgery via misconfigured settings.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2024-55893	14 Jan 202520:16	–	circl
CNNVD	TYPO3 安全漏洞	14 Jan 202500:00	–	cnnvd
CVE	CVE-2024-55893	14 Jan 202520:00	–	cve
Cvelist	CVE-2024-55893 TYPO3 Cross-Site Request Forgery in Log Module	14 Jan 202520:00	–	cvelist
EUVD	EUVD-2025-0059	3 Oct 202520:07	–	euvd
NVD	CVE-2024-55893	14 Jan 202520:15	–	nvd
OSV	CVE-2024-55893 TYPO3 Cross-Site Request Forgery in Log Module	14 Jan 202520:00	–	osv
OSV	GHSA-CJFR-9F5R-3Q93 TYPO3 Cross-Site Request Forgery in Log Module	14 Jan 202515:24	–	osv
Positive Technologies	PT-2025-3144 · Typo3 · Typo3	14 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-55893	20 May 202523:15	–	redhatcve

Vulners

Node

typo3 cms-belogRange13.0.0–13.4.2composer

typo3 cms-belogRange12.0.0–12.4.24composer

typo3 cms-belogRange11.0.0–11.5.41composer

typo3 cms-belogRange10.0.0–10.4.47composer

Source	Link
github	www.github.com/TYPO3/typo3/security/advisories/GHSA-cjfr-9f5r-3q93
github	www.github.com/TYPO3-CMS/belog/commit/ece08246dbcea416ff97d4cc013bf24fb622fe5f
typo3	www.typo3.org/security/advisory/typo3-core-sa-2025-003
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-55893
github	www.github.com/TYPO3-CMS/belog/commit/0eb171fcc5863c74f4890af0c6b3ccecb7e30cce
github	www.github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9
github	www.github.com/advisories/GHSA-cjfr-9f5r-3q93

02 Jun 2025 07:46Current

4.6Medium risk

Vulners AI Score4.6

CVSS 3.14.3

EPSS0.00575

SSVC