4 matches found
CVE-2024-55920
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...
CVE-2024-55920
creationtimestamp| type| source ---|---|--- 2025-01-14 20:08:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1591 2025-01-14 20:16:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2xm2fb32n 2025-01-14 22:22:57+00:00| seen|...
CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...
CVE-2024-55920
CVE-2024-55920 affects TYPO3 and specifically the backend Dashboard Module . The issue is a CSRF in deep-link handling plus improper use of HTTP GET for state-changing actions. Exploitation requires an active backend session and a user-initiated visit to a malicious URL, typically via phishing, w...