Lucene search
TYPO3 AssociationTYPO3-CORE-SA-2020-006HistoryMay 12, 2020 - 12:00 a.m.
Same-Origin Request Forgery to Backend User Interface
2020-05-1200:00:00
TYPO3 Association
typo3.org
4
0.001 Low
EPSS
Percentile
35.4%
It has been discovered that the backend user interface and install tool are vulnerable to same-origin request forgery. A backend user can be tricked into interacting with a malicious resource an attacker previously managed to upload to the web server - scripts are then executed with the privileges of the victimsβ user session.
Related
cve
cve
CVE-2020-11069
2020-05-14 00:15:11
CVE-2021-41113
2021-10-05 18:15:08
prion
prion
Cross site request forgery (csrf)
2020-05-14 00:15:00
Cross site request forgery (csrf)
2021-10-05 18:15:00
osv
osv
CVE-2020-11069
2020-05-14 00:15:11
Backend Same-Site Request Forgery in TYPO3 CMS
2020-05-13 23:40:09
BIT-typo3-2020-11069
2024-03-06 11:11:52
nvd
nvd
CVE-2020-11069
2020-05-14 00:15:11
CVE-2021-41113
2021-10-05 18:15:08
friendsofphp
friendsofphp
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
2020-05-12 09:21:34
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
2020-05-12 09:21:34
veracode
veracode
Same-site Request Forgery (SSRF)
2020-05-14 08:03:12
cvelist
cvelist
CVE-2020-11069 Cross-Site Request Forgery in TYPO3 CMS
2020-05-13 23:35:37
CVE-2021-41113 Cross-Site-Request-Forgery in Backend URI Handling in Typo3
2021-10-05 17:20:12
github
github
Backend Same-Site Request Forgery in TYPO3 CMS
2020-05-13 23:40:09
Cross-Site-Request-Forgery in Backend
2021-10-05 20:23:47
ubuntucve
ubuntucve
CVE-2021-41113
2021-10-05 00:00:00
typo3
typo3
Cross-Site-Request-Forgery in Backend URI Handling
2021-10-05 00:00:00
nessus
nessus
TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities
2020-07-13 00:00:00
openvas
openvas
freebsd
freebsd
typo3 -- multiple vulnerabilities
2020-05-12 00:00:00