7 matches found
EUVD-2025-0063
Malicious code in bioql PyPI...
Cross-Site Request Forgery (CSRF)
typo3/cms-lowlevel is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to improper handling of deep links in the backend user interface, caused by insufficient enforcement of HTTP methods and reliance on misconfigured security settings, and allows an attacker to manipulate...
CVE-2024-55945 Cross-Site Request Forgery in DB Check Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstrea...
CVE-2024-55945 Cross-Site Request Forgery in DB Check Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstrea...
CVE-2024-55945
CVE-2024-55945 affects TYPO3 (notably the DB Check Module in the TYPO3 backend). The issue is a CSRF vulnerability in deep-linking that can enable state-changing actions to be performed via unauthorized submissions, if an attacker lures a logged-in backend user to a malicious URL. Exploitation re...
GHSA-8MV3-37RC-PVXJ TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Problem: A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...
PT-2025-3160 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS. Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery (CSRF). State-changing actions in...