GHSA-49qv-h8pm-73pf

Source

https://github.com/advisories/GHSA-49qv-h8pm-73pf

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/11/GHSA-49qv-h8pm-73pf/GHSA-49qv-h8pm-73pf.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-49qv-h8pm-73pf

Aliases

CVE-2025-12998

Published

2025-11-12T12:30:28Z

Modified

2025-11-14T21:12:49.493506Z

Severity

8.2 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator

Summary

TYPO3 Modules Extension has Improper Authentication vulnerability

Details

Improper Authentication vulnerability in TYPO3 Extension "Modules" codingms/modules. This issue affects Extension "Modules": before 4.3.11, from 5.0.0 before 5.7.4, from 6.0.0 before 6.4.2, from 7.0.0 before 7.5.5.

Database specific

{
    "severity": "HIGH",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-287"
    ],
    "nvd_published_at": "2025-11-12T12:15:39Z",
    "github_reviewed_at": "2025-11-14T20:46:30Z"
}

References

Affected packages

Packagist / codingms/modules

Package

Name: codingms/modules
Purl: pkg:composer/codingms/modules

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.11

Affected versions

3.*

3.0.1

3.1.0

3.1.1

3.1.2

3.2.0

4.*

4.0.0

4.0.1

4.0.2

4.0.3

4.0.4

4.1.0

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2.0

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.6

4.3.7

4.3.8

4.3.9

4.3.10

Packagist / codingms/modules

Package

Name: codingms/modules
Purl: pkg:composer/codingms/modules

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.0.0

Fixed

5.7.4

Affected versions

5.*

5.0.0

5.1.0

5.1.1

5.1.2

5.1.3

5.1.4

5.2.0

5.2.1

5.2.2

5.3.0

5.4.0

5.4.1

5.5.0

5.6.0

5.7.0

5.7.1

5.7.2

5.7.3

Packagist / codingms/modules

Package

Name: codingms/modules
Purl: pkg:composer/codingms/modules

Affected ranges

Type: ECOSYSTEM
Events: Introduced

7.0.0

Fixed

7.5.5

Affected versions

7.*

7.0.0

7.0.1

7.0.2

7.1.0

7.1.1

7.1.2

7.2.0

7.2.1

7.3.0

7.3.1

7.3.2

7.3.3

7.4.0

7.4.1

7.4.2

7.4.3

7.4.4

7.4.5

7.4.6

7.5.0

7.5.2

7.5.3

7.5.4

Packagist / codingms/modules

Package

Name: codingms/modules
Purl: pkg:composer/codingms/modules

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.0.0

Fixed

6.4.2

Affected versions

6.*

6.0.0

6.0.1

6.1.0

6.1.1

6.1.2

6.2.0

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.2.9

6.3.0

6.3.1

6.4.0

6.4.1