Insecure File Upload

🗓️ 22 May 2025 04:29:34Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 7 Views

Typo3/cms-core has an Insecure File Upload vulnerability allowing dangerous file uploads.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2025-47939	20 May 202515:13	–	circl
CNNVD	TYPO3 安全漏洞	20 May 202500:00	–	cnnvd
CVE	CVE-2025-47939	20 May 202514:00	–	cve
Cvelist	CVE-2025-47939 TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer	20 May 202514:00	–	cvelist
EUVD	EUVD-2025-15955	3 Oct 202520:07	–	euvd
Github Security Blog	TYPO3 Allows Unrestricted File Upload in File Abstraction Layer	20 May 202519:35	–	github
NVD	CVE-2025-47939	20 May 202514:15	–	nvd
OSV	CVE-2025-47939 TYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction Layer	20 May 202514:00	–	osv
OSV	GHSA-9HQ9-CR36-4WPJ TYPO3 Allows Unrestricted File Upload in File Abstraction Layer	20 May 202519:35	–	osv
Positive Technologies	PT-2025-22141 · Typo3 · Typo3	20 May 202500:00	–	ptsecurity

Vulners

Node

cms-core typo3/cms-coreRangev9.0.0–9.0.0php

cms-core typo3/cms-coreRangev10.0.0–v10.4.49php

cms-core typo3/cms-coreRangev11.0.0–11.5.43php

cms-core typo3/cms-coreRangev12.0.0–12.4.30php

cms-core typo3/cms-coreRange13.0.x-dev–13.4.11php

cms-core typo3/cms-coreRangev9.0.0–9.0.0php

cms-core typo3/cms-coreRangev9.1.0–9.1.0php

cms-core typo3/cms-coreRangev9.2.0–9.2.0php

cms-core typo3/cms-coreRangev9.2.1–9.2.1php

cms-core typo3/cms-coreRangev9.3.0–9.3.0php

cms-core typo3/cms-coreRangev9.3.1–9.3.1php

cms-core typo3/cms-coreRangev9.3.2–9.3.2php

cms-core typo3/cms-coreRangev9.3.3–9.3.3php

cms-core typo3/cms-coreRangev9.4.0–9.4.0php

cms-core typo3/cms-coreRangev9.5.0–9.5.0php

cms-core typo3/cms-coreRangev9.5.1–9.5.1php

cms-core typo3/cms-coreRangev9.5.10–9.5.10php

cms-core typo3/cms-coreRangev9.5.11–9.5.11php

cms-core typo3/cms-coreRangev9.5.12–9.5.12php

cms-core typo3/cms-coreRangev9.5.13–9.5.13php

cms-core typo3/cms-coreRangev9.5.14–9.5.14php

cms-core typo3/cms-coreRangev9.5.15–9.5.15php

cms-core typo3/cms-coreRangev9.5.16–9.5.16php

cms-core typo3/cms-coreRangev9.5.17–9.5.17php

cms-core typo3/cms-coreRangev9.5.18–9.5.18php

cms-core typo3/cms-coreRangev9.5.19–9.5.19php

cms-core typo3/cms-coreRangev9.5.2–9.5.2php

cms-core typo3/cms-coreRangev9.5.20–9.5.20php

cms-core typo3/cms-coreRangev9.5.21–9.5.21php

cms-core typo3/cms-coreRangev9.5.22–9.5.22php

cms-core typo3/cms-coreRangev9.5.23–9.5.23php

cms-core typo3/cms-coreRangev9.5.24–9.5.24php

cms-core typo3/cms-coreRangev9.5.25–9.5.25php

cms-core typo3/cms-coreRangev9.5.26–9.5.26php

cms-core typo3/cms-coreRangev9.5.27–9.5.27php

cms-core typo3/cms-coreRangev9.5.28–9.5.28php

cms-core typo3/cms-coreRangev9.5.29–9.5.29php

cms-core typo3/cms-coreRangev9.5.3–9.5.3php

cms-core typo3/cms-coreRangev9.5.30–9.5.30php

cms-core typo3/cms-coreRangev9.5.31–9.5.31php

cms-core typo3/cms-coreRangev9.5.4–9.5.4php

cms-core typo3/cms-coreRangev9.5.5–9.5.5php

cms-core typo3/cms-coreRangev9.5.6–9.5.6php

cms-core typo3/cms-coreRangev9.5.7–9.5.7php

cms-core typo3/cms-coreRangev9.5.8–9.5.8php

cms-core typo3/cms-coreRangev9.5.9–9.5.9php

cms-core typo3/cms-coreMatchv10.0.0php

cms-core typo3/cms-coreMatchv10.1.0php

cms-core typo3/cms-coreMatchv10.2.0php

cms-core typo3/cms-coreMatchv10.2.1php

cms-core typo3/cms-coreMatchv10.2.2php

cms-core typo3/cms-coreMatchv10.3.0php

cms-core typo3/cms-coreMatchv10.4.0php

cms-core typo3/cms-coreMatchv10.4.1php

cms-core typo3/cms-coreMatchv10.4.10php

cms-core typo3/cms-coreMatchv10.4.11php

cms-core typo3/cms-coreMatchv10.4.12php

cms-core typo3/cms-coreMatchv10.4.13php

cms-core typo3/cms-coreMatchv10.4.14php

cms-core typo3/cms-coreMatchv10.4.15php

cms-core typo3/cms-coreMatchv10.4.16php

cms-core typo3/cms-coreMatchv10.4.17php

cms-core typo3/cms-coreMatchv10.4.18php

cms-core typo3/cms-coreMatchv10.4.19php

cms-core typo3/cms-coreMatchv10.4.2php

cms-core typo3/cms-coreMatchv10.4.20php

cms-core typo3/cms-coreMatchv10.4.21php

cms-core typo3/cms-coreMatchv10.4.22php

cms-core typo3/cms-coreMatchv10.4.23php

cms-core typo3/cms-coreMatchv10.4.24php

cms-core typo3/cms-coreMatchv10.4.25php

cms-core typo3/cms-coreMatchv10.4.26php

cms-core typo3/cms-coreMatchv10.4.27php

cms-core typo3/cms-coreMatchv10.4.28php

cms-core typo3/cms-coreMatchv10.4.29php

cms-core typo3/cms-coreMatchv10.4.3php

cms-core typo3/cms-coreMatchv10.4.30php

cms-core typo3/cms-coreMatchv10.4.31php

cms-core typo3/cms-coreMatchv10.4.32php

cms-core typo3/cms-coreMatchv10.4.33php

cms-core typo3/cms-coreMatchv10.4.34php

cms-core typo3/cms-coreMatchv10.4.36php

cms-core typo3/cms-coreMatchv10.4.37php

cms-core typo3/cms-coreMatchv10.4.4php

cms-core typo3/cms-coreMatchv10.4.5php

cms-core typo3/cms-coreMatchv10.4.6php

cms-core typo3/cms-coreMatchv10.4.7php

cms-core typo3/cms-coreMatchv10.4.8php

cms-core typo3/cms-coreMatchv10.4.9php

cms-core typo3/cms-coreMatchv11.0.0php

cms-core typo3/cms-coreMatchv11.1.0php

cms-core typo3/cms-coreMatchv11.1.1php

cms-core typo3/cms-coreMatchv11.2.0php

cms-core typo3/cms-coreMatchv11.3.0php

cms-core typo3/cms-coreMatchv11.3.1php

cms-core typo3/cms-coreMatchv11.3.2php

cms-core typo3/cms-coreMatchv11.3.3php

cms-core typo3/cms-coreMatchv11.4.0php

cms-core typo3/cms-coreMatchv11.5.0php

cms-core typo3/cms-coreMatchv11.5.1php

cms-core typo3/cms-coreMatchv11.5.10php

cms-core typo3/cms-coreMatchv11.5.11php

cms-core typo3/cms-coreMatchv11.5.12php

cms-core typo3/cms-coreMatchv11.5.13php

cms-core typo3/cms-coreMatchv11.5.14php

cms-core typo3/cms-coreMatchv11.5.15php

cms-core typo3/cms-coreMatchv11.5.16php

cms-core typo3/cms-coreMatchv11.5.17php

cms-core typo3/cms-coreMatchv11.5.18php

cms-core typo3/cms-coreMatchv11.5.19php

cms-core typo3/cms-coreMatchv11.5.2php

cms-core typo3/cms-coreMatchv11.5.20php

cms-core typo3/cms-coreMatchv11.5.21php

cms-core typo3/cms-coreMatchv11.5.22php

cms-core typo3/cms-coreMatchv11.5.23php

cms-core typo3/cms-coreMatchv11.5.24php

cms-core typo3/cms-coreMatchv11.5.25php

cms-core typo3/cms-coreMatchv11.5.26php

cms-core typo3/cms-coreMatchv11.5.27php

cms-core typo3/cms-coreMatchv11.5.28php

cms-core typo3/cms-coreMatchv11.5.29php

cms-core typo3/cms-coreMatchv11.5.3php

cms-core typo3/cms-coreMatchv11.5.30php

cms-core typo3/cms-coreMatchv11.5.31php

cms-core typo3/cms-coreMatchv11.5.32php

cms-core typo3/cms-coreMatchv11.5.33php

cms-core typo3/cms-coreMatchv11.5.34php

cms-core typo3/cms-coreMatchv11.5.35php

cms-core typo3/cms-coreMatchv11.5.36php

cms-core typo3/cms-coreMatchv11.5.37php

cms-core typo3/cms-coreMatchv11.5.38php

cms-core typo3/cms-coreMatchv11.5.39php

cms-core typo3/cms-coreMatchv11.5.4php

cms-core typo3/cms-coreMatchv11.5.40php

cms-core typo3/cms-coreMatchv11.5.41php

cms-core typo3/cms-coreMatchv11.5.5php

cms-core typo3/cms-coreMatchv11.5.6php

cms-core typo3/cms-coreMatchv11.5.7php

cms-core typo3/cms-coreMatchv11.5.8php

cms-core typo3/cms-coreMatchv11.5.9php

cms-core typo3/cms-coreMatchv12.0.0php

cms-core typo3/cms-coreMatchv12.1.0php

cms-core typo3/cms-coreMatchv12.1.1php

cms-core typo3/cms-coreMatchv12.1.2php

cms-core typo3/cms-coreMatchv12.1.3php

cms-core typo3/cms-coreMatchv12.2.0php

cms-core typo3/cms-coreMatchv12.3.0php

cms-core typo3/cms-coreMatchv12.4.0php

cms-core typo3/cms-coreMatchv12.4.1php

cms-core typo3/cms-coreMatchv12.4.10php

cms-core typo3/cms-coreMatchv12.4.11php

cms-core typo3/cms-coreMatchv12.4.12php

cms-core typo3/cms-coreMatchv12.4.13php

cms-core typo3/cms-coreMatchv12.4.14php

cms-core typo3/cms-coreMatchv12.4.15php

cms-core typo3/cms-coreMatchv12.4.16php

cms-core typo3/cms-coreMatchv12.4.17php

cms-core typo3/cms-coreMatchv12.4.18php

cms-core typo3/cms-coreMatchv12.4.19php

cms-core typo3/cms-coreMatchv12.4.2php

cms-core typo3/cms-coreMatchv12.4.20php

cms-core typo3/cms-coreMatchv12.4.21php

cms-core typo3/cms-coreMatchv12.4.22php

cms-core typo3/cms-coreMatchv12.4.23php

cms-core typo3/cms-coreMatchv12.4.24php

cms-core typo3/cms-coreMatchv12.4.25php

cms-core typo3/cms-coreMatchv12.4.26php

cms-core typo3/cms-coreMatchv12.4.27php

cms-core typo3/cms-coreMatchv12.4.28php

cms-core typo3/cms-coreMatchv12.4.29php

cms-core typo3/cms-coreMatchv12.4.3php

cms-core typo3/cms-coreMatchv12.4.30php

cms-core typo3/cms-coreMatchv12.4.4php

cms-core typo3/cms-coreMatchv12.4.5php

cms-core typo3/cms-coreMatchv12.4.6php

cms-core typo3/cms-coreMatchv12.4.7php

cms-core typo3/cms-coreMatchv12.4.8php

cms-core typo3/cms-coreMatchv12.4.9php

cms-core typo3/cms-coreMatchv13.0.0php

cms-core typo3/cms-coreMatchv13.0.1php

cms-core typo3/cms-coreMatchv13.1.0php

cms-core typo3/cms-coreMatchv13.1.1php

cms-core typo3/cms-coreMatchv13.2.0php

cms-core typo3/cms-coreMatchv13.2.1php

cms-core typo3/cms-coreMatchv13.3.0php

cms-core typo3/cms-coreMatchv13.3.1php

cms-core typo3/cms-coreMatchv13.4.0php

cms-core typo3/cms-coreMatchv13.4.1php

cms-core typo3/cms-coreMatchv13.4.10php

cms-core typo3/cms-coreMatchv13.4.11php

cms-core typo3/cms-coreMatchv13.4.2php

cms-core typo3/cms-coreMatchv13.4.3php

cms-core typo3/cms-coreMatchv13.4.4php

cms-core typo3/cms-coreMatchv13.4.5php

cms-core typo3/cms-coreMatchv13.4.6php

cms-core typo3/cms-coreMatchv13.4.7php

cms-core typo3/cms-coreMatchv13.4.8php

cms-core typo3/cms-coreMatchv13.4.9php

Source	Link
github	www.github.com/TYPO3/typo3/security/advisories/GHSA-9hq9-cr36-4wpj
github	www.github.com/TYPO3-CMS/core/commit/c265beed6e2c01817c534a226e80e593400f8255
typo3	www.typo3.org/security/advisory/typo3-core-sa-2025-014
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-47939
github	www.github.com/TYPO3-CMS/core

13 Dec 2025 06:25Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.4

EPSS0.00129

SSVC