CVE-2026-47343
Deferred - Pending Action
Unauthorized File Operations in TYPO3 CMS

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: TYPO3

Description
Non-privileged backend users with file mount access were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-15
AI Q&A: 2026-06-09
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 5 associated CPEs
Vendor  Product    Version / Range
typo3   typo3_cms  to 10.4.57 (exc)
typo3   typo3_cms  From 11.0.0 (inc) to 11.5.50 (inc)
typo3   typo3_cms  From 12.0.0 (inc) to 12.4.45 (inc)
typo3   typo3_cms  From 13.0.0 (inc) to 13.4.30 (inc)
typo3   typo3_cms  From 14.0.0 (inc) to 14.3.2 (inc)
CWE
CWE ID   Description
CWE-862  The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Executive Summary

This vulnerability in TYPO3 CMS allows non-privileged backend users who have file mount access to perform unauthorized write operations such as moving, deleting, or renaming folders that represent the root of an active file mount. This happens because of missing authorization restrictions in the system.

The issue affects multiple TYPO3 versions before certain patched releases and is due to broken access control in the File Abstraction Layer.

Impact Analysis

The vulnerability can lead to unauthorized modification or removal of critical folders that are part of the file storage system in TYPO3 CMS. Non-privileged users could move, delete, or rename these folders, potentially causing data loss, disruption of services, or unauthorized changes to the file system structure.

Such unauthorized actions could compromise the integrity and availability of files managed by the CMS.

Detection Guidance

This vulnerability involves unauthorized write operations (move, delete, rename) on folders representing the root of an active file mount by non-privileged backend users in TYPO3 CMS.

Detection would involve monitoring or auditing file mount folder operations performed by non-privileged users to identify unauthorized write actions.

Since the issue is specific to TYPO3 CMS backend user permissions, detection commands would focus on TYPO3 logs or backend user activity rather than network commands.

No specific commands for detection are provided in the available resources.

Mitigation Strategies

The primary mitigation step is to update TYPO3 CMS to a patched version where this vulnerability is fixed.

  • Upgrade to TYPO3 CMS version 10.4.57 ELTS or later in the 10.x series.
  • Upgrade to TYPO3 CMS version 11.5.51 ELTS or later in the 11.x series.
  • Upgrade to TYPO3 CMS version 12.4.46 ELTS or later in the 12.x series.
  • Upgrade to TYPO3 CMS version 13.4.31 LTS or later in the 13.x series.
  • Upgrade to TYPO3 CMS version 14.3.3 LTS or later in the 14.x series.

Additionally, follow the TYPO3 Security Guide and subscribe to the typo3-announce mailing list for ongoing security updates.
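
The version ranges and fixed releases listed above can be checked against an installation's lock file. The following is an added example, not code from TYPO3 or from this advisory's sources; it assumes a Composer-based install whose composer.lock records the core as the typo3/cms-core package, and the lock content shown is a constructed sample.

```python
import json
import re

# First fixed release per branch, copied from the mitigation list above.
FIXED = {10: (10, 4, 57), 11: (11, 5, 51), 12: (12, 4, 46),
         13: (13, 4, 31), 14: (14, 3, 3)}

# Constructed sample: a trimmed composer.lock with only the fields used here.
SAMPLE_LOCK = json.dumps({"packages": [
    {"name": "typo3/cms-backend", "version": "v12.4.45"},
    {"name": "typo3/cms-core", "version": "v12.4.45"},
]})

def parse_version(text):
    """Turn 'v12.4.45' or '12.4.45' into (12, 4, 45); None for non-release tags."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def assess(version_text):
    """Return (status, first_fixed); status is 'affected', 'fixed' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return ("unknown", None)        # dev branches or aliases: check by hand
    if v[0] < 10:
        return ("affected", FIXED[10])  # "before 10.4.57" also covers older majors
    if v[0] not in FIXED:
        return ("unknown", None)        # branch not listed in this advisory
    fixed = FIXED[v[0]]
    # Tuple comparison: anything below the first fixed release is in range.
    return ("affected" if v < fixed else "fixed", fixed)

def core_version_from_lock(lock_text):
    """Find the typo3/cms-core version string in composer.lock JSON text."""
    for pkg in json.loads(lock_text).get("packages", []):
        if pkg.get("name") == "typo3/cms-core":
            return pkg.get("version")
    return None

def check_lock(lock_text):
    """Assess the TYPO3 core version recorded in a composer.lock."""
    version = core_version_from_lock(lock_text)
    return ("unknown", None) if version is None else assess(version)

if __name__ == "__main__":
    status, fixed = check_lock(SAMPLE_LOCK)
    target = ".".join(map(str, fixed)) if fixed else "n/a"
    print(f"typo3/cms-core: {status}; first fixed release: {target}")
```

A result of "unknown" means the lock file did not yield a plain release number for a branch the advisory lists, so the installed version has to be confirmed manually.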
