CVE-2025-59013

An openredirect vulnerability in GeneralUtility::sanitizeLocalUrl of TYPO3 CMS 9.0.09.5.54, 10.0.010.4.53, 11.0.011.5.47, 12.0.012.4.36, and 13.0.013.4.17 allows an attacker to redirect users to arbitrary external sites, enabling phishing attacks by supplying a manipulated, sanitized URL.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
TYPO3CNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://typo3.org/security/advisory/typo3-core-sa-2025-017