TYPO3 CMS
cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*
- >= 11.0.0, <= 11.5.47
- >= 12.0.0, <= 12.4.36
- >= 13.0.0, <= 13.4.17
A denial-of-service vulnerability has been identified in the Bookmark Toolbar of TYPO3 CMS. This issue affects versions 11.0.0 through 11.5.47, 12.0.0 through 12.4.36, and 13.0.0 through 13.4.17. The vulnerability arises from an uncaught exception that allows administrator-level backend users to disrupt the backend user interface by saving manipulated data in the bookmark toolbar. This action triggers a general error state, blocking further access to the interface.
Exploitation of this vulnerability leads to a denial-of-service condition in the backend user interface, causing a general error state that blocks further access to the interface.
Users can update to TYPO3 versions 11.5.48 ELTS, 12.4.37 LTS, or 13.4.18 LTS, which address this vulnerability.
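To check whether an installation falls in the ranges listed above, the following added example (not code from TYPO3 or from this advisory) reads a composer.lock file and compares the locked version with those ranges. It assumes a Composer-based installation in which the typo3/cms-core package version matches the TYPO3 release; the sample lock content and the status names are constructed for illustration.

```python
import json
import re

# Affected ranges and fixed releases exactly as listed in the advisory above.
AFFECTED = [
    ((11, 0, 0), (11, 5, 47), "11.5.48 ELTS"),
    ((12, 0, 0), (12, 4, 36), "12.4.37 LTS"),
    ((13, 0, 0), (13, 4, 17), "13.4.18 LTS"),
]

def check_version(text):
    """Classify one version string against the advisory's ranges.

    Returns (status, fixed_release). Anything that is not a plain x.y.z
    release (dev branches, aliases) is 'unparsed' and needs a manual look.
    """
    m = re.fullmatch(r"v?([0-9]+)\.([0-9]+)\.([0-9]+)", text.strip())
    if not m:
        return ("unparsed", None)
    version = tuple(int(g) for g in m.groups())
    for low, high, fixed in AFFECTED:
        if low <= version <= high:
            return ("in-affected-range", fixed)
    return ("outside-listed-ranges", None)

def audit_lock(lock_text, package="typo3/cms-core"):
    """Return [(version, status, fixed_release)] for `package` in a composer.lock."""
    lock = json.loads(lock_text)
    results = []
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section) or []:
            if pkg.get("name") == package:
                version = str(pkg.get("version", ""))
                results.append((version,) + check_version(version))
    return results

# Constructed sample lock file (not taken from a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "typo3/cms-core", "version": "v12.4.36"},
        {"name": "symfony/console", "version": "v6.4.1"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    for version, status, fixed in audit_lock(SAMPLE_LOCK):
        note = f", update to {fixed}" if fixed else ""
        print(f"typo3/cms-core {version}: {status}{note}")
```

A result of "outside-listed-ranges" only means the version is not in the ranges this advisory lists; "unparsed" entries such as development branches need to be checked by hand.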