PT-2025-46649 · Typo3 · Typo3 Extension "Modules"
Thomas Deuling
·
Published
2025-11-12
·
Updated
2025-11-13
·
CVE-2025-12998
CVSS v4.0
8.2
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
TYPO3 Extension "Modules" versions prior to 4.3.11
TYPO3 Extension "Modules" versions 5.0.0 through 5.7.3
TYPO3 Extension "Modules" versions 6.0.0 through 6.4.1
TYPO3 Extension "Modules" versions 7.0.0 through 7.5.4
Description
An improper authentication issue exists in the TYPO3 Extension "Modules". The issue relates to authentication mechanisms within the extension.
Recommendations
Update TYPO3 Extension "Modules" to version 4.3.11 or later.
Update TYPO3 Extension "Modules" to version 5.7.4 or later.
Update TYPO3 Extension "Modules" to version 6.4.2 or later.
Update TYPO3 Extension "Modules" to version 7.5.5 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Typo3 Extension "Modules"