TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.
References
Configurations
No configuration.
History
20 May 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-20 14:15
Updated : 2025-05-21 20:25
NVD link : CVE-2025-47940
Mitre link : CVE-2025-47940
CVE.ORG link : CVE-2025-47940
JSON object : View
Products Affected
No product.
CWE
CWE-283
Unverified Ownership