CVE-2025-47940

TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.
Configurations

No configuration.

History

20 May 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-20 14:15

Updated : 2025-05-21 20:25


NVD link : CVE-2025-47940

Mitre link : CVE-2025-47940

CVE.ORG link : CVE-2025-47940


JSON object : View

Products Affected

No product.

CWE
CWE-283

Unverified Ownership