Lucene search
K

15 matches found

OSV
OSV
added 2026/06/12 8:7 p.m.9 views

GHSA-3P42-W5CH-GG42 TYPO3 CMS has an Open Redirect Vulnerability via Core Utilities

Problem Applications that use GeneralUtility::sanitizeLocalUrl to allow only local URLs are vulnerable to open redirect attacks if the URL is used after it has passed the aforementioned sanitization checks. This enables attackers to redirect users to external content and carry out phishing attack...

5.3CVSS5.3AI score0.00294EPSS
Exploits0References7
CVE
CVE
added 2026/06/09 10:51 a.m.28 views

CVE-2026-47347

CVE-2026-47347 affects TYPO3 CMS where GeneralUtility::sanitizeLocalUrl can be bypassed, enabling an open redirect if a URL is used after sanitization. Affected versions are older: 10.4.57, 11.0.0–11.5.50, 12.0.0–12.4.45, 13.0.0–13.4.30, and 14.0.0–14.3.2. The CVE entry notes the impact as open r...

5.3CVSS5.5AI score0.00294EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 10:51 a.m.36 views

CVE-2026-47347 TYPO3 CMS - Open Redirect in Core Utilities

Applications that use GeneralUtility::sanitizeLocalUrl to allow only local URLs are vulnerable to open redirect attacks if the URL is used after it has passed the aforementioned sanitization checks. This enables attackers to redirect users to external content and carry out phishing attacks. This...

5.3CVSS0.00294EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47740

Name of the Vulnerable Software and Affected Versions TYPO3 CMS versions prior to 10.4.57 TYPO3 CMS versions 11.0.0 through 11.5.50 TYPO3 CMS versions 12.0.0 through 12.4.45 TYPO3 CMS versions 13.0.0 through 13.4.30 TYPO3 CMS versions 14.0.0 through 14.3.2 Description Applications utilizing the...

5.3CVSS5.2AI score0.00294EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

TYPO3 CMS 输入验证错误漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a vulnerability in input validation of TYPO3 CMS, which stems from the GeneralUtility::sanitizeLocalUrl function. This function allows URLs to be used for redirection even after cleaning, potentiall...

5.3CVSS5.2AI score0.00294EPSS
Exploits0References2
Veracode
Veracode
added 2025/10/15 8:11 a.m.9 views

Open Redirection

typo3/cms-core is vulnerable to Open Redirection. The vulnerability is due to improper sanitization of user-supplied URLs in the GeneralUtility::sanitizeLocalUrl function, which allows an attacker to manipulate sanitized URLs and redirect users to arbitrary external sites, enabling phishing attac...

6.1CVSS7AI score0.00172EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27232

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 9:20 a.m.12 views

CVE-2025-59013

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL...

6.1CVSS6.9AI score0.00172EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/09 9:31 a.m.3 views

Open Redirect

Overview typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Open Redirect via the GeneralUtility::sanitizeLocalUrl function. An attacker can cause users to be redirected to arbitrary external sites by supplying whitespace...

6.1CVSS6.7AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2025/09/09 9:31 a.m.5 views

GHSA-72JF-5FG5-3CW3 TYPO3 CMS has an open‑redirect vulnerability

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL...

5.3CVSS7AI score0.00172EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/09/09 9:31 a.m.10 views

TYPO3 CMS has an open‑redirect vulnerability

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL...

6.1CVSS7AI score0.00172EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/09/09 9:15 a.m.9 views

CVE-2025-59013

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL...

6.1CVSS0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 9:0 a.m.3 views

CVE-2025-59013 Open Redirect in TYPO3 CMS

An open‑redirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL...

5.3CVSS6.4AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.9 views

PT-2025-36689

Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.0.0 through 9.5.54 TYPO3 CMS versions 10.0.0 through 10.4.53 TYPO3 CMS versions 11.0.0 through 11.5.47 TYPO3 CMS versions 12.0.0 through 12.4.36 TYPO3 CMS versions 13.0.0 through 13.4.17 Description: An open-redirect...

6.1CVSS6.2AI score0.00172EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.4 views

TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-017)

The version of TYPO3 installed on the remote host is 9.0.0 prior to 9.5.55 ELTS / 10.0.0 prior to 10.4.54 ELTS / 11.0.0 prior to 11.5.48 ELTS / 12.0.0 prior to 12.4.37 / 13.0.0 prior to 13.4.18. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-017 advisory. - ...

6.1CVSS5.8AI score0.00172EPSS
Exploits0References2
Rows per page
Query Builder