CVE-2025-7899 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
TYPO3	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 11%

Common Weakness Enumeration

CWE-639 - Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Vulnerability Media Exposure

[GERMAN] TYPO3 Extensions: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in verschiedenen TYPO3 Extensions ausnutzen, um Informationen offenzulegen, und um Dateien zu manipulieren.
Published: 2025-07-21T22:00:00+00:00

References

https://typo3.org/security/advisory/typo3-ext-sa-2025-009