CVE-2025-24856: An issue was discovered in the oidc (aka OpenID Connect Authentication) extension before 4.0.0 for TYPO3. The account linking logic allows a...

Medium (4.2)

Description

An issue was discovered in the oidc (aka OpenID Connect Authentication) extension before 4.0.0 for TYPO3. The account linking logic allows a pre-hijacking attack, leading to Account Takeover. The attack can only be exploited if the following requirements are met: (1) an attacker can anticipate the e-mail address of the user, (2) an attacker can register a public frontend user account using that e-mail address before the user's first OIDC login, and (3) the IDP returns an email field containing the e-mail address of the user,

Classification

CVE ID: CVE-2025-24856

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.2

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 0.01432 (how common is this exploit)

EPSS Date: 2025-03-28 (when was this score calculated)

Timeline

2025-01-29 06:16:19 UTC
Github Advisory Database (Composer)

[causal/oidc] TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc)
2025-03-16 04:40:16 UTC
CVE

An issue was discovered in the oidc (aka OpenID Connect Authentication) extension before 4.0.0 for TYPO3. The account linking logic allows a...