Description

TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.

INFO

Published Date :

2025-05-20T14:06:07.374Z

Last Modified :

2025-05-20T14:35:41.374Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-47940 vulnerability.

Vendors Products
Typo3
  • Typo3
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-47940.

URL Resource
https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844 cve-icon cve-icon
https://typo3.org/security/advisory/typo3-core-sa-2025-016 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact