CVE Details
Basic Information
| Title |
CVE-2025-47940 |
| Type |
cve |
| Published |
2025-05-20T14:15:50 |
| Last Seen |
2025-05-20T14:21:24 |
CVSS Information
| Base Score |
7.2 (HIGH) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
HIGH |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
HIGH |
| Availability Impact |
HIGH |
AI Analysis
| AI Description |
TYPO3, a PHP-based web content management system, has a vulnerability in versions 10.0.0 to 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS where administrator-level backend users without specific permissions can access and modify records they should not be able to, due to an issue with the access control mechanism. |
| AI Severity |
High |
| Vendor |
TYPO3 Association |
| Product |
TYPO3 CMS |
| Affected Version |
10.0.0 to 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, 13.4.12 LTS |
Additional Information
| CVE List |
CVE-2025-47940 |
| CWE List |
CWE-283 |
| Bulletin Family |
cve |
Description
TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
