CVE-2025-47936 TYPO3 Vulnerable to Server Side Request Forgery via Webhooks

TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, Webhooks are inherently vulnerable to Cross-Site Request Forgery CSRF, which can be exploited by adversaries to target internal resources...

PT-2025-22138 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions 12.x prior to 12.4.31 LTS TYPO3 versions 13.x prior to 13.4.2 LTS Description: The issue concerns Cross-Site Request Forgery CSRF in Webhooks, which can be exploited by adversaries to target internal resources, such as localhos...