Skip to content

Commit beb7581

Browse files
stofstof
authored
Merge pull request #752 from eliashaeussler/typo3-extension-security-releases
Add CVE-2025-48200, CVE-2025-48201, CVE-2025-48202, CVE-2025-48203 and CVE-2025-48207
2 parents 2f761bf + bbd1ffb commit beb7581

File tree

5 files changed

+66
-0
lines changed

5 files changed

+66
-0
lines changed

clickstorm/cs-seo/CVE-2025-48203.yaml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
title: 'TYPO3-EXT-SA-2025-005: Cross-Site Scripting in extension "[clickstorm] SEO" (cs_seo)'
2+
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2025-005'
3+
cve: CVE-2025-48203
4+
branches:
5+
main:
6+
time: '2025-05-20 08:59:00'
7+
versions: ['>=9.0.0', '<9.3.0']
8+
8.x:
9+
time: '2025-05-20 09:14:00'
10+
versions: ['>=8.0.0', '<8.4.0']
11+
7.x:
12+
time: '2025-05-20 09:22:00'
13+
versions: ['>=7.0.0', '<7.5.0']
14+
6.x:
15+
time: '2025-05-20 09:35:00'
16+
versions: ['>=6.3.0', '<6.8.0']
17+
reference: 'composer://clickstorm/cs-seo'
18+

in2code/femanager/CVE-2025-48202.yaml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
title: 'TYPO3-EXT-SA-2025-006: Insecure Direct Object Reference in extension "femanager" (femanager)'
2+
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2025-006'
3+
cve: CVE-2025-48202
4+
branches:
5+
main:
6+
time: '2025-05-16 16:51:00'
7+
versions: ['>=8.0.0', '<8.2.2']
8+
7.x:
9+
time: '2025-05-16 16:47:00'
10+
versions: ['>=7.0.0', '<7.4.2']
11+
6.x:
12+
time: '2025-05-16 16:42:00'
13+
versions: ['>=6.0.0', '<6.4.1']
14+
5.x:
15+
time: '2025-05-16 15:52:00'
16+
versions: ['>=5.5.0', '<5.5.5']
17+
reference: 'composer://in2code/femanager'
18+

nitsan/ns-backup/CVE-2025-48201.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
title: 'TYPO3-EXT-SA-2025-007: Multiple vulnerabilities in extension "Backup Plus" (ns_backup)'
2+
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2025-007'
3+
cve: CVE-2025-48201
4+
branches:
5+
main:
6+
time: '2025-05-20 10:00:00'
7+
versions: ['<13.0.1']
8+
reference: 'composer://nitsan/ns-backup'
9+

renolit/reint-downloadmanager/CVE-2025-48207.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
title: 'TYPO3-EXT-SA-2025-004: Insecure Direct Object Reference in extension "Download manager" (reint_downloadmanager)'
2+
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2025-004'
3+
cve: CVE-2025-48207
4+
branches:
5+
main:
6+
time: '2025-05-18 21:08:00'
7+
versions: ['>=5.0.0', '<5.0.1']
8+
4.x:
9+
time: '2025-05-19 22:03:00'
10+
versions: ['<4.0.2']
11+
reference: 'composer://renolit/reint-downloadmanager'
12+

sjbr/sr-feuser-register/CVE-2025-48200.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
title: 'TYPO3-EXT-SA-2025-008: Multiple vulnerabilities in extension "Front End User Registration" (sr_feuser_register)'
2+
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2025-008'
3+
cve: CVE-2025-48200
4+
branches:
5+
main:
6+
time: '2025-05-20 00:07:00'
7+
versions: ['>=5.1.0', '<12.5.0']
8+
reference: 'composer://sjbr/sr-feuser-register'
9+

0 commit comments

Comments
 (0)