Georg Dümmler

**Name of the Vulnerable Software and Affected Versions** TYPO3 CMS versions 10.0.0 through 10.4.54 TYPO3 CMS versions 11.0.0 through 11.5.48 TYPO3 CMS versions 12.0.0 through 12.4.40 TYPO3 CMS versions 13.0.0 through 13.4.22 TYPO3 CMS versions 14.0.0 through 14.0.1 **Description** Users with backend access to the redirects module and write permission on the `sys redirect` table could read, create, and modify any redirect record without restrictions. This allowed for the insertion or alteration of redirects pointing to arbitrary URLs, potentially enabling phishing or other malicious redirect attacks. **Recommendations** TYPO3 CMS versions 10.0.0 through 10.4.54 should be updated. TYPO3 CMS versions 11.0.0 through 11.5.48 should be updated. TYPO3 CMS versions 12.0.0 through 12.4.40 should be updated. TYPO3 CMS versions 13.0.0 through 13.4.22 should be updated. TYPO3 CMS versions 14.0.0 through 14.0.1 should be updated.