CVE-2025-59019
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-09

Last updated on: 2025-09-26

Assigner: TYPO3

Description
Missing authorization checks in the CSV download feature of TYPO3 CMS versions 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to disclose information from arbitrary database tables stored within the users' web mounts without having access to them.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-09
Last Modified
2025-09-26
Generated
2026-06-16
AI Q&A
2025-09-09
EPSS Evaluated
2026-06-14
NVD
CVE-2025-59019
EUVD
EUVD-2025-27226
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
typo3 typo3 From 11.0.0 (inc) to 11.5.48 (exc)
typo3 typo3 From 12.0.0 (inc) to 12.4.37 (exc)
typo3 typo3 From 13.0.0 (inc) to 13.4.18 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-59019 is an information disclosure vulnerability in the TYPO3 CMS Workspaces Module that affects multiple TYPO3 versions. It occurs because the CSV download feature lacks proper authorization checks, allowing any authenticated backend user to access and download data from arbitrary database tables within users' web mounts, even if they do not have permission to access that data. This means sensitive information can be exposed to unauthorized users. [1]

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information stored in the TYPO3 CMS database. Backend users without proper permissions can retrieve arbitrary data from the system, potentially exposing confidential or private information. This can result in data breaches, loss of trust, and potential harm to individuals or organizations relying on the confidentiality of the data. [1]

Detection Guidance

Detection of this vulnerability involves identifying attempts by authenticated backend users to invoke the vulnerable AJAX route within the TYPO3 Workspaces module that lacks proper permission checks. Monitoring web server logs for unusual or unauthorized AJAX requests to the workspaces module endpoints may help detect exploitation attempts. Specific commands are not provided in the available resources. [1]

Mitigation Strategies

The immediate mitigation step is to update TYPO3 CMS to the fixed versions: 9.5.55 ELTS, 10.4.54 ELTS, 11.5.48 ELTS, 12.4.37 LTS, or 13.4.18 LTS. Additionally, follow the TYPO3 Security Guide and subscribe to the typo3-announce mailing list for further updates and security advice. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59019. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart