5 matches found
CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...
CVE-2024-55920
CVE-2024-55920 affects TYPO3 and specifically the backend Dashboard Module . The issue is a CSRF in deep-link handling plus improper use of HTTP GET for state-changing actions. Exploitation requires an active backend session and a user-initiated visit to a malicious URL, typically via phishing, w...
CVE-2024-55920 Cross-Site Request Forgery in Dashboard Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...
GHSA-QWX7-39PW-2MHR TYPO3 Cross-Site Request Forgery in Dashboard Module
Problem A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...
TYPO3 Cross-Site Request Forgery in Dashboard Module
Problem A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...