CVE-2026-47343

Description

Non-privileged backend users with file mount access were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

Low

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

TYPO3 / TYPO3 CMS0 – 10.4.57
TYPO3 / TYPO3 CMS11.0.0 – 11.5.51
TYPO3 / TYPO3 CMS12.0.0 – 12.4.46
TYPO3 / TYPO3 CMS13.0.0 – 13.4.31
TYPO3 / TYPO3 CMS14.0.0 – 14.3.3

References

MISChttps://typo3.org/security/advisory/typo3-core-sa-2026-007
PATCHhttps://github.com/TYPO3/typo3/commit/504e72470ff72aaf5d2256878bf473747f389798
PATCHhttps://github.com/TYPO3/typo3/commit/ac4125aef8b9b94528a7f74db2444db57b05a87b