Unauthorized File Operations Vulnerability in TYPO3 CMS
CVE-2026-47343
7.2HIGH
What is CVE-2026-47343?
This vulnerability allows non-privileged backend users with file mount access to execute write operations—including moving, deleting, or renaming folders—without appropriate authorization. The issue stems from inadequate access restrictions on folders that represent the root of an active file mount, potentially leading to unauthorized data manipulation and loss. It specifically affects multiple versions of TYPO3 CMS, necessitating prompt action to secure the system.
Affected Version(s)
TYPO3 CMS 0 < 10.4.57
TYPO3 CMS 11.0.0 < 11.5.51
TYPO3 CMS 12.0.0 < 12.4.46
