typo3/cms-core Security Advisories for v12.4.31 (3)
-
[MEDIUM] TYPO3 CMS exposes sensitive information in an error message
PKSA-ns26-fz7n-2jm8 CVE-2025-59016 GHSA-cvm2-5f78-g9m8
Affected version: >=13.0.0,<13.4.18|>=12.0.0,<12.4.37|>=11.0.0,<11.5.48|>=10.0.0,<10.4.54|>=9.0.0,<9.5.55
Reported by:
GitHub -
[MEDIUM] TYPO3 CMS has an open‑redirect vulnerability
PKSA-pz1k-khnw-3j7j CVE-2025-59013 GHSA-72jf-5fg5-3cw3
Affected version: >=13.0.0,<13.4.18|>=12.0.0,<12.4.37|>=11.0.0,<11.5.48|>=10.0.0,<10.4.54|>=9.0.0,<9.5.55
Reported by:
GitHub -
[MEDIUM] TYPO3 CMS uses insufficient entropy when generating passwords
PKSA-rwv7-ff55-f18g CVE-2025-59015 GHSA-p5jq-5383-qvc7
Affected version: >=13.0.0,<13.4.18|>=12.0.0,<12.4.37
Reported by:
GitHub