Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/01/14 7:55 p.m.16 views

CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS0.00188EPSS
Exploits0References2
CVE
CVE
added 2025/01/14 7:55 p.m.61 views

CVE-2024-55920

CVE-2024-55920 affects TYPO3 and specifically the backend Dashboard Module . The issue is a CSRF in deep-link handling plus improper use of HTTP GET for state-changing actions. Exploitation requires an active backend session and a user-initiated visit to a malicious URL, typically via phishing, w...

4.3CVSS4.7AI score0.00188EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/14 7:55 p.m.14 views

CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS7.1AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2025/01/14 3:25 p.m.8 views

GHSA-QWX7-39PW-2MHR TYPO3 Cross-Site Request Forgery in Dashboard Module

Problem A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...

4.3CVSS4.6AI score0.00188EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/01/14 3:25 p.m.19 views

TYPO3 Cross-Site Request Forgery in Dashboard Module

Problem A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...

4.3CVSS4.5AI score0.00188EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder