Vulnerability DatabaseCVE-2025-24856
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2025-24856
March 16, 2025
An issue was discovered in the oidc (aka OpenID Connect Authentication) extension before 4.0.0 for TYPO3. The account linking logic allows a pre-hijacking attack, leading to Account Takeover. The attack can only be exploited if the following requirements are met: (1) an attacker can anticipate the e-mail address of the user, (2) an attacker can register a public frontend user account using that e-mail address before the user's first OIDC login, and (3) the IDP returns an email field containing the e-mail address of the user,
Related Resources (4)
https://nvd.nist.gov/vuln/detail/CVE-2025-24856
https://github.com/FriendsOfPHP/security-advisories/blob/master/causal/oidc/CVE-2025-24856.yaml
https://typo3.org/security/advisory/typo3-ext-sa-2025-001
https://github.com/xperseguers/t3ext-oidc/commit/877e09f6faf4c87bbb41233112ec7e30d3c902b3
Do you need more information?
Contact Us
CVSS v4
Base Score:
1.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
Exploit Maturity
POC
CVSS v3
Base Score:
4.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE
Exploit Maturity
FUNCTIONAL
Weakness Type (CWE)
Authentication Bypass Using an Alternate Path or Channel
CWE-288
Use of Less Trusted Source
CWE-348
Authorization Bypass Through User-Controlled Key
CWE-639
EPSS
Base Score:
0.07