Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-59014

An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 lets administrator‑level backend users trigger a denial‑of‑service condition in the backend user interface by saving manipulated data in the bookmark toolbar.

Published

2025-09-09T09:15:39.833

Last Modified

2025-09-10T13:40:09.090

Status

Analyzed

Source

f4fb688c-4412-4426-b4b8-421ecf27b14a

Severity

CVSSv3.1: 2.7 (LOW)

Weaknesses

Type: Secondary
CWE-248

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	typo3	typo3	< 11.5.48	Yes
Application	typo3	typo3	< 12.4.37	Yes
Application	typo3	typo3	< 13.4.18	Yes

References

https://typo3.org/security/advisory/typo3-core-sa-2025-018 Vendor Advisory (f4fb688c-4412-4426-b4b8-421ecf27b14a)