diff --git a/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php b/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
index 4e90ce79f0650504639e7fe0beb7ae4e0de4a59a..32ed8ce5f0b5db2ec057ed1740f2a4b7d1613835 100644
--- a/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
+++ b/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
@@ -61,8 +61,8 @@ class FileBrowser extends AbstractResourceBrowser
         $this->searchWord = trim((string)($request->getParsedBody()['searchTerm'] ?? $request->getQueryParams()['searchTerm'] ?? ''));
 
         $fileExtensions = GeneralUtility::trimExplode('~', explode('|', $this->bparams)[3], true);
-        $allowed = str_replace('allowed=', '', $fileExtensions[0] ?? '');
-        $disallowed = str_replace('disallowed=', '', $fileExtensions[1] ?? '');
+        $allowed = preg_replace('/^allowed=/', '', $fileExtensions[0] ?? '', 1);
+        $disallowed = preg_replace('/^disallowed=/', '', $fileExtensions[1] ?? '', 1);
 
         $this->fileExtensionFilter = GeneralUtility::makeInstance(FileExtensionFilter::class);
         if ($allowed !== '' && !str_contains($allowed, 'sys_file') && !str_contains($allowed, '*')) {