VYPR

Packagist (Composer) package

typo3/cms-dashboard

pkg:composer/typo3/cms-dashboard

Vulnerabilities (2)

  • CVE-2025-59017Sep 9, 2025
    affected >= 10.0.0, < 12.4.37fixed 12.4.37

    Missing authorization checks in the Backend Routing of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10.4.53, 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to directly invoke AJAX backend routes without having access to the corresponding backend modules.

  • CVE-2024-55920Jan 14, 2025
    affected >= 10.0.0, < 10.4.48fixed 10.4.48

    TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing a