TYPO3 CMS Open Redirect Vulnerability in Core Utility

Vulnerability

A medium-severity open redirect vulnerability has been identified in TYPO3 CMS versions 9.0.0 through 9.5.54, 10.0.0 through 10.4.53, 11.0.0 through 11.5.47, 12.0.0 through 12.4.36, and 13.0.0 through 13.4.17. The vulnerability arises in the 'sanitizeLocalUrl' function of the GeneralUtility class, where improperly sanitized URLs can be exploited to redirect users to arbitrary external sites. This flaw could facilitate phishing attacks, since a crafted URL that passes the sanitization check can send users to an attacker-controlled site.

Impact

Exploitation of this vulnerability could lead to open redirect attacks, where users are redirected to external sites, potentially for phishing purposes.
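The root cause described above is a local-URL check that lets some external targets through. The following is an added, illustrative example of the allow-list approach a reviewer would expect such a check to take; it is not TYPO3's 'sanitizeLocalUrl' implementation and does not reproduce the specific bypass in this advisory. It assumes PHP 8 (for str_starts_with), a hypothetical function name isSafeLocalRedirectTarget, and a constructed site host 'www.example.org'.

```php
<?php
declare(strict_types=1);

/**
 * Illustrative allow-list check for redirect targets (added example, not
 * TYPO3 code). A target is accepted only if it is a site-absolute path
 * ("/path?x=1") or an absolute http(s) URL whose host equals $siteHost.
 */
function isSafeLocalRedirectTarget(string $url, string $siteHost): bool
{
    // Browsers strip or tolerate control characters and whitespace inside a
    // URL; a validator must not, or "java\nscript:"-style inputs slip past.
    if ($url === '' || preg_match('/[\x00-\x20\x7F]/', $url)) {
        return false;
    }
    // For http(s) URLs browsers treat a backslash like a forward slash, so
    // "/\evil.example" navigates to https://evil.example/. Reject outright.
    if (strpos($url, '\\') !== false) {
        return false;
    }
    // Protocol-relative URLs ("//evil.example/...") inherit the current
    // scheme and leave the site.
    if (str_starts_with($url, '//')) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return false;
    }
    $hasScheme = isset($parts['scheme']);
    $hasHost   = isset($parts['host']);
    if ($hasScheme || $hasHost) {
        // Absolute URL: only http/https, and the host must be ours.
        // "https://www.example.org@evil.example/" is rejected because
        // parse_url puts the real host (evil.example) in 'host'.
        if (!$hasScheme || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
            return false;
        }
        if (!$hasHost || strtolower($parts['host']) !== strtolower($siteHost)) {
            return false;
        }
        return true;
    }
    // Relative URL: require an absolute path on this site. Path-relative
    // targets ("foo/bar") and bare queries are conservatively rejected.
    $path = $parts['path'] ?? '';
    return $path !== '' && $path[0] === '/';
}

// Constructed sample inputs; the site host is a placeholder.
$siteHost = 'www.example.org';
$samples = [
    '/typo3/index.php?route=main',          // allow
    'https://www.example.org/login',         // allow
    '//evil.example/phish',                  // reject: protocol-relative
    '/\\evil.example',                       // reject: backslash trick
    'https://www.example.org@evil.example/', // reject: userinfo spoof
    "https://www.example.org/\tlogin",       // reject: control character
    'javascript:alert(1)',                   // reject: non-http scheme
];
foreach ($samples as $candidate) {
    printf("%-42s %s\n", $candidate,
        isSafeLocalRedirectTarget($candidate, $siteHost) ? 'allow' : 'reject');
}
```

The design point is that the check is an allow-list (only a site-absolute path or an exact host match passes) rather than a deny-list of known-bad prefixes, and that it rejects before parsing anything a browser would normalize differently from parse_url (control characters, backslashes, leading "//").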

Remediation

Users are advised to update TYPO3 to versions 9.5.55 ELTS, 10.4.54 ELTS, 11.5.48 ELTS, 12.4.37 LTS, or 13.4.18 LTS, all of which address this vulnerability.

Added: Sep 9, 2025, 9:22 AM
Updated: Sep 9, 2025, 5:01 PM

Vulnerability Rating (Custom Algorithm)

Category         Score
spread           6.4
impact           1.0
exploitability   6.5
remediation      7.7
relevance        0.5
threat           0.0
urgency          2.9
incentive        1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.