Typo3 · Typo3 · CVE-2025-47941
**Name of the Vulnerable Software and Affected Versions**
TYPO3 versions 12.x prior to 12.4.31 LTS
TYPO3 versions 13.x prior to 13.4.2 LTS
**Description**
The issue concerns the multifactor authentication (MFA) dialog presented during backend login, which can be bypassed due to insufficient enforcement of access restrictions on all backend routes. Successful exploitation requires valid backend user credentials, as MFA can only be bypassed after successful authentication.
**Recommendations**
For versions 12.x prior to 12.4.31 LTS, update to TYPO3 version 12.4.31 LTS to fix the problem.
For versions 13.x prior to 13.4.2 LTS, update to TYPO3 version 13.4.2 LTS to fix the problem.