Lucene search
+L

4 matches found

NVD
NVD
added 2025/01/14 8:15 p.m.14 views

CVE-2024-55920

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS0.00191EPSS
Exploits0References2
Circl
Circl
added 2025/01/14 8:8 p.m.11 views

CVE-2024-55920

creationtimestamp| type| source ---|---|--- 2025-01-14 20:08:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1591 2025-01-14 20:16:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2xm2fb32n 2025-01-14 22:22:57+00:00| seen|...

4.3CVSS4.8AI score0.00191EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/14 7:55 p.m.15 views

CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS7.1AI score0.00191EPSS
Exploits0References2
CVE
CVE
added 2025/01/14 7:55 p.m.63 views

CVE-2024-55920

CVE-2024-55920 affects TYPO3 and specifically the backend Dashboard Module . The issue is a CSRF in deep-link handling plus improper use of HTTP GET for state-changing actions. Exploitation requires an active backend session and a user-initiated visit to a malicious URL, typically via phishing, w...

4.3CVSS4.7AI score0.00191EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder