TYPO3 CMS Allows Broken Access Control in Redirects Module

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Description

Backend users with access to the redirects module and write permission on the sys_redirect table were able to read, create, and modify any redirect record without restriction to the user’s own file-mounts or web-mounts. This allowed attackers to insert or alter redirects pointing to arbitrary URLs – facilitating phishing or other malicious redirect attacks. This issue affects TYPO3 CMS versions 10.0.0-10.4.54, 11.0.0-11.5.48, 12.0.0-12.4.40, 13.0.0-13.4.22 and 14.0.0-14.0.1.

Basic Information

ID CVE-2025-59021

Source TYPO3

Published Jan 13, 2026 at 11:53

Affected Product

Vendor TYPO3

Product TYPO3 CMS

Version 10.0.0

Affected Versions TYPO3 TYPO3 CMS 10.0.0
TYPO3 TYPO3 CMS 11.0.0
TYPO3 TYPO3 CMS 12.0.0
TYPO3 TYPO3 CMS 13.0.0
TYPO3 TYPO3 CMS 14.0.0

CWE Classification

CWE-862

References

{
    "lastseen": "",
    "description": "Backend users with access to the redirects module and write permission on the sys_redirect table were able to read, create, and modify any redirect record without restriction to the user\u2019s own file-mounts or web-mounts. This allowed attackers to insert or alter redirects pointing to arbitrary URLs \u2013 facilitating phishing or other malicious redirect attacks. This issue affects TYPO3 CMS versions 10.0.0-10.4.54, 11.0.0-11.5.48, 12.0.0-12.4.40, 13.0.0-13.4.22 and 14.0.0-14.0.1.",
    "published": "2026-01-13T11:53:25.879Z",
    "modified": "2026-01-13T11:53:25.879Z",
    "type": "cve",
    "title": "TYPO3 CMS Allows Broken Access Control in Redirects Module",
    "source": "TYPO3",
    "references": "https://typo3.org/security/advisory/typo3-core-sa-2026-002\nhttps://github.com/TYPO3/typo3/commit/8a46abd8993e3a5a31a834dcd6c8f91adef57ce4\nhttps://github.com/TYPO3/typo3/commit/bac370df5c1c3fcf5ebc1c030fbd2bec86d6a686\nhttps://github.com/TYPO3/typo3/commit/fbbae3b9a40d0420207ef7af990cdf1ac0612c0b",
    "id": "CVE-2025-59021",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "TYPO3 TYPO3 CMS 10.0.0\nTYPO3 TYPO3 CMS 11.0.0\nTYPO3 TYPO3 CMS 12.0.0\nTYPO3 TYPO3 CMS 13.0.0\nTYPO3 TYPO3 CMS 14.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TYPO3 CMS",
    "version": "10.0.0",
    "vendor": "TYPO3",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

TYPO3 CMS Allows Broken Access Control in Redirects Module_CVE-2025-59021