Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:25416
HistoryMay 14, 2020 - 8:03 a.m.

Same-site Request Forgery (SSRF)

2020-05-1408:03:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.001 Low

EPSS

Percentile

35.4%

JSON

typo3/cms-core is vulnerable to a same-site request forgery. The attack is possible to trigger because it does not properly enforce HTTP Referer header that usually protects against cross-site request forgery, allowing an authenticated backend user to launch the attack.

Related

cve 2
typo3 2
prion 2
osv 6
nvd 2
friendsofphp 2
cvelist 2
github 2
ubuntucve 1
nessus 2
openvas 1
freebsd 1
cve
cve
CVE-2020-11069
2020-05-14 00:15:11
CVE-2021-41113
2021-10-05 18:15:08
typo3
typo3
Same-Origin Request Forgery to Backend User Interface
2020-05-12 00:00:00
Cross-Site-Request-Forgery in Backend URI Handling
2021-10-05 00:00:00
prion
prion
Cross site request forgery (csrf)
2020-05-14 00:15:00
Cross site request forgery (csrf)
2021-10-05 18:15:00
osv
osv
CVE-2020-11069
2020-05-14 00:15:11
Backend Same-Site Request Forgery in TYPO3 CMS
2020-05-13 23:40:09
BIT-typo3-2020-11069
2024-03-06 11:11:52
nvd
nvd
CVE-2020-11069
2020-05-14 00:15:11
CVE-2021-41113
2021-10-05 18:15:08
friendsofphp
friendsofphp
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
2020-05-12 09:21:34
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
2020-05-12 09:21:34
cvelist
cvelist
CVE-2020-11069 Cross-Site Request Forgery in TYPO3 CMS
2020-05-13 23:35:37
CVE-2021-41113 Cross-Site-Request-Forgery in Backend URI Handling in Typo3
2021-10-05 17:20:12
github
github
Backend Same-Site Request Forgery in TYPO3 CMS
2020-05-13 23:40:09
Cross-Site-Request-Forgery in Backend
2021-10-05 20:23:47
ubuntucve
ubuntucve
CVE-2021-41113
2021-10-05 00:00:00
nessus
nessus
TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities
2020-07-13 00:00:00
FreeBSD : typo3 -- multiple vulnerabilities (59fabdf2-9549-11ea-9448-08002728f74c)
2020-05-14 00:00:00
openvas
openvas
TYPO3 9.0.0 < 9.5.17, 10.0.0 < 10.4.2 Multiple Vulnerabilities (TYPO3-CORE-SA-2020-002, TYPO3-CORE-SA-2020-004 to TYPO3-CORE-SA-2020-006)
2020-05-15 00:00:00
freebsd
freebsd
typo3 -- multiple vulnerabilities
2020-05-12 00:00:00

0.001 Low

EPSS

Percentile

35.4%

JSON
Related for VERACODE:25416
cve2typo32prion2osv6nvd2friendsofphp2cvelist2github2ubuntucve1nessus2openvas1freebsd1