Open Redirect Vulnerability in TYPO3 CMS by TYPO3
CVE-2025-59013
5.3MEDIUM
What is CVE-2025-59013?
An open redirect vulnerability exists in TYPO3 CMS's GeneralUtility::sanitizeLocalUrl. This flaw allows attackers to redirect unsuspecting users to harmful external websites through a manipulated URL. By exploiting this vulnerability, threat actors can conduct phishing attacks, potentially compromising sensitive user information. Users of affected TYPO3 CMS versions are advised to implement security updates and monitor for unusual activity.
Affected Version(s)
TYPO3 CMS 9.0.0 < 9.5.55
TYPO3 CMS 10.0.0 < 10.4.54
TYPO3 CMS 11.0.0 < 11.5.48
References
CVSS V4
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Oliver Hader
Benjamin Franzke