Description
Non-privileged backend users with file mount access were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2.
Published: 2026-06-09
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Non‑privileged backend users with access to file mounts were able to perform destructive actions (move, delete, and rename) on folders representing the root of an active file mount. The vulnerability is caused by missing authorization checks (CWE-862), allowing users without sufficient privileges to alter the file system structure. The impact is data loss or corruption and potential loss of access to critical files, which can affect the availability and integrity of content stored within the CMS.

Affected Systems

TYPO3 CMS is affected in all releases earlier than 10.4.57, all releases between 11.0.0 and 11.5.50, between 12.0.0 and 12.4.45, between 13.0.0 and 13.4.30, and between 14.0.0 and 14.3.2.

Risk and Exploitability

The vulnerability has a CVSS score of 7.2, indicating high severity. EPSS information is not available, and the issue is not listed in the CISA KEV catalog, suggesting that it may not be actively exploited at this time. The likely attack vector is through the TYPO3 backend interface where a user who is authenticated as a non‑privileged backend user can trigger the vulnerable actions. Attackers only need access to an account with file mount permissions; no elevated privileges or external network exposure are required. The lack of defensive checks means that any such user can immediately alter files, posing a significant risk if such accounts exist.

Generated by OpenCVE AI on June 9, 2026 at 12:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TYPO3 CMS to any released version that includes the fix, for example 10.4.57, 11.5.50, 12.4.45, 13.4.30, or 14.3.2.
  • Restrict file mount permissions so that only privileged backend users can create or modify mounts.
  • Audit current file mount configurations for any unintended or exposed mounts and apply the patch if upgrades are not immediately possible.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 13:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 11:15:00 +0000

Type | Values Removed | Values Added
Description | | Non-privileged backend users with file mount access were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2.
Title | | TYPO3 CMS - Destructive Actions on File Mount Folders
First Time appeared | | Typo3; Typo3 typo3
Weaknesses | | CWE-862
CPEs | | cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
Vendors & Products | | Typo3; Typo3 typo3
References | |
Metrics | | cvssV4_0: {'score': 7.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: TYPO3

Published:

Updated: 2026-06-09T12:53:27.239Z

Reserved: 2026-05-19T12:49:25.965Z

Link: CVE-2026-47343

Vulnrichment

Updated: 2026-06-09T12:53:23.865Z

NVD

Status: Deferred

Published: 2026-06-09T11:16:52.193

Modified: 2026-06-09T13:46:50.540

Link: CVE-2026-47343

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T15:30:07Z

Weaknesses