{"id":69789,"date":"2025-09-09T14:31:50","date_gmt":"2025-09-09T11:01:50","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-59018-information-disclosure-in-workspaces-module\/"},"modified":"2025-09-09T14:31:50","modified_gmt":"2025-09-09T11:01:50","slug":"cve-2025-59018-information-disclosure-in-workspaces-module","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-59018-information-disclosure-in-workspaces-module\/","title":{"rendered":"CVE-2025-59018 &#8211; Information Disclosure in Workspaces Module"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-59018<br \/>\n<br \/>\n<strong>Published : <\/strong> 9. September 2025 09:15 | 1\u00a0Stunde, 40\u00a0Minuten ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0\u20119.5.54, 10.0.0\u201110.4.53, 11.0.0\u201111.5.47, 12.0.0\u201112.4.36, and 13.0.0\u201113.4.17 allow backend users to directly invoke the corresponding AJAX backend route to disclose sensitive information without having access.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 7.1 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-59018 Published : 9. September 2025 09:15 | 1\u00a0Stunde, 40\u00a0Minuten ago Description : Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0\u20119.5.54, 10.0.0\u201110.4.53, 11.0.0\u201111.5.47, 12.0.0\u201112.4.36, and 13.0.0\u201113.4.17 allow backend users to directly invoke the corresponding AJAX backend route to disclose sensitive information without having access. Severity: 7.1 | HIGH &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-69789","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/69789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=69789"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/69789\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=69789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=69789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=69789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}