Threat and Vulnerability Intelligence Database

CVE-2025-1420

Description: Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).

CVSS: LOW (2.4)

EPSS Score: 0.04%

Source: CVE
May 21st, 2025 (17 days ago)

CVE-2025-1419

Description: Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).

CVSS: LOW (2.4)

EPSS Score: 0.04%

Source: CVE
May 21st, 2025 (17 days ago)

CVE-2024-8612

Description: A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virtio_crypto_req_complete could be larger than the true size of the data which has been sent to the guest. Once virtqueue_push() finally calls dma_memory_unmap to unmap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.

CVSS: LOW (3.8)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
May 21st, 2025 (17 days ago)

CVE-2025-5007

Description: A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachment leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.17.1 is able to address this issue. The identifier of the patch is 2c4f44e808500db19c391159b30cb6142896d415. It is recommended to upgrade the affected component. A problematic vulnerability was identified in Part-DB up to 1.17.0. It affects the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. Manipulation of the argument attachment with unknown data allows a cross site scripting vulnerability to be exploited. The attack can be carried out over the network. The exploit is publicly available. Upgrading to version 1.17.1 is able to resolve this problem. The patch is identified as 2c4f44e808500db19c391159b30cb6142896d415. Installing an upgrade is recommended as the best possible measure.

CVSS: LOW (3.5)

EPSS Score: 0.03%

Source: CVE
May 20th, 2025 (18 days ago)

Description:

Problem: The backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized access in scenarios where an admin session is hijacked or left unattended, as it enables password changes without additional authentication.

Solution: Update to TYPO3 versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, 13.4.12 LTS that fix the problem described.

Note: In these versions, administrators are required to verify their identity through step-up authentication (also known as sudo mode) when changing backend user passwords.

Credits: Thanks to the National Cyber Security Center (NCSC) of Switzerland for reporting this issue, and to TYPO3 core & security team member Benjamin Franzke for fixing it.

References:
https://github.com/TYPO3/typo3/security/advisories/GHSA-3jrg-97f3-rqh9
https://nvd.nist.gov/vuln/detail/CVE-2025-47938
https://github.com/TYPO3-CMS/core/commit/b9a8bcb614ecdd42aa27e1c430c6213d6b6b20b3
https://github.com/TYPO3-CMS/setup/commit/60572dd050d8d861921889a19599bfe045fed5fd
https://typo3.org/security/advisory/typo3-core-sa-2025-013
https://github.com/advisories/GHSA-3jrg-97f3-rqh9

CVSS: LOW (3.8)

EPSS Score: 0.04%

Source: Github Advisory Database (Composer)
May 20th, 2025 (18 days ago)

CVE-2025-48015

Description: Failed login response could be different depending on whether the username was local or central.

CVSS: LOW (3.7)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
May 20th, 2025 (18 days ago)

CVE-2025-47938

Description: TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, the backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized access in scenarios where an admin session is hijacked or left unattended, as it enables password changes without additional authentication. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.

CVSS: LOW (3.8)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
May 20th, 2025 (18 days ago)

CVE-2025-47937

Description: TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer (DBAL), frontend user permissions are only applied via `FrontendGroupRestriction` to the first table. As a result, data from additional tables included in the same query may be unintentionally exposed to unauthorized users. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.

CVSS: LOW (3.7)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
May 20th, 2025 (18 days ago)

CVE-2025-47936

Description: TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, Webhooks are inherently vulnerable to Cross-Site Request Forgery (CSRF), which can be exploited by adversaries to target internal resources (e.g., localhost or other services on the local network). While this is not a vulnerability in TYPO3 itself, it may enable attackers to blindly access systems that would otherwise be inaccessible. An administrator-level backend user account is required to exploit this vulnerability. Users should update to TYPO3 version 12.4.31 LTS or 13.4.12 LTS to fix the problem.

CVSS: LOW (3.3)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
May 20th, 2025 (18 days ago)