TYPO3 CMS Webhooks Server Side Request Forgery
Problem Webhooks are inherently vulnerable to Server-Side Request Forgery (SSRF), which can be exploited by adversaries to target internal resources (e.g., localhost or other services on the local network). While this is not a vulnerability in TYPO3 itself, it may enable attackers to blindly access systems that would otherwise be inaccessible. An administrator-level backend user account is required to exploit this vulnerability. Solution Update to TYPO3 versions 12.4.31 LTS, 13.4.12 …