CVE Details
Basic Information
| Title |
CVE-2025-47936 |
| Type |
cve |
| Published |
2025-05-20T14:15:50 |
| Last Seen |
2025-05-20T14:26:25 |
CVSS Information
| Base Score |
3.3 (LOW) |
| Attack Vector |
NETWORK |
| Attack Complexity |
HIGH |
| Privileges Required |
HIGH |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
NONE |
| Integrity Impact |
LOW |
| Availability Impact |
LOW |
AI Analysis
| AI Description |
TYPO3, a popular PHP-based web content management system, is vulnerable to Cross-Site Request Forgery (CSRF) in its Webhooks feature. This vulnerability affects versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS. The issue allows attackers to perform unauthorized actions by tricking authenticated users into executing malicious requests. |
| AI Severity |
Medium |
| Vendor |
TYPO3 Association |
| Product |
TYPO3 CMS |
| Affected Version |
12.x prior to 12.4.31 LTS, 13.x prior to 13.4.2 LTS |
Additional Information
| CVE List |
CVE-2025-47936 |
| CWE List |
CWE-918 |
| Bulletin Family |
cve |
Description
TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, Webhooks are inherently vulnerable to Cross-Site Request Forgery…
CVSS Score Summary
Base Score: %!f(string=#) (LOW)
View Full CVE Details
