Auth bypass in TYPO3 CMS

CVE-2025-59021

Backend users with access to the redirects module and write permission on the sys_redirect table were able to read, create, and modify any redirect record without restriction to the user’s own file-mounts or web-mounts. This allowed attack…

Vulnerability class: Broken Access Control

EPSS: 0.000 (2.4th percentile)

Affected products

  • TYPO3 CMS — versions 10.0.0, 11.0.0, 12.0.0

Weakness classification (CWE)

References