Paul Keller

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 **Description** The issue arises when requesting invalid or non-existing resources via HTTP, triggering the page error handler. This handler can retrieve content from another page to be shown as an error message, leading to a recursive application call that amplifies the initial attack's impact until the web server's limits are exceeded. **Recommendations** Update to version 9.5.25 to resolve the issue. Update to version 10.4.14 to resolve the issue. Update to version 11.1.1 to resolve the issue.