CVE-2024-47780
| Summary |
TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected users could not manipulate these pages. Users are advised to update to TYPO3 versions 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, 13.3.1 that fix the problem described. There are no known workarounds for this vulnerability.
|
| Publication Date |
Oct. 9, 2024, 3:15 a.m. |
| Registration Date |
Oct. 9, 2024, noon |
| Last Update |
Oct. 10, 2024, 9:56 p.m. |
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
TYPO3 Association の TYPO3 における不正な認証に関する脆弱性
| Title |
TYPO3 Association の TYPO3 における不正な認証に関する脆弱性
|
| Summary |
TYPO3 Association の TYPO3 には、不正な認証に関する脆弱性が存在します。
|
| Possible impacts |
情報を取得される可能性があります。 |
| Solution |
ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。 |
| Publication Date |
Oct. 8, 2024, midnight |
| Registration Date |
Sept. 5, 2025, 3:32 p.m. |
| Last Update |
Sept. 5, 2025, 3:32 p.m. |
Affected System
| TYPO3 Association |
|
TYPO3 10.0.0 以上 10.4.46 未満
|
|
TYPO3 11.0.0 以上 11.5.40 未満
|
|
TYPO3 12.0.0 以上 12.4.21 未満
|
|
TYPO3 13.0.0 以上 13.3.1 未満
|
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
その他
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[2025年09月05日] 掲載 |
Sept. 5, 2025, 2:28 p.m. |