{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:31:58.214","vulnerabilities":[{"cve":{"id":"CVE-2025-47940","sourceIdentifier":"security-advisories@github.com","published":"2025-05-20T14:15:50.950","lastModified":"2025-09-03T17:24:07.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"TYPO3 is an open source, PHP based web content management system. Starting in version 10.0.0 and prior to versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account. Users should update to TYPO3 version 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem."},{"lang":"es","value":"TYPO3 es un sistema de gestión de contenido web de código abierto basado en PHP. A partir de la versión 10.0.0 y anteriores a las versiones 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS y 13.4.12 LTS, los usuarios de backend con nivel de administrador sin privilegios de mantenimiento del sistema pueden escalar sus privilegios y obtener acceso de mantenimiento del sistema. Para explotar esta vulnerabilidad se requiere una cuenta de administrador válida. Los usuarios deben actualizar a las versiones 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS o 13.4.12 LTS de TYPO3 para solucionar el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-283"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","versionStartIncluding":"10.4.0","versionEndExcluding":"10.4.50","matchCriteriaId":"B56B2C86-39E6-460D-83AF-182AB34AE3FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.5.44","matchCriteriaId":"6F1A88B2-0BFA-42E7-8F49-835C8F2D4E3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndExcluding":"12.4.31","matchCriteriaId":"05F9DC80-7BBC-42A0-800E-EF90CA604C7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.4.12","matchCriteriaId":"10E529B8-AA31-4603-800C-39AF3CCBA1E7"}]}]}],"references":[{"url":"https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://typo3.org/security/advisory/typo3-core-sa-2025-016","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}