← back
CVE-2026-47351

TYPO3 CMS - Broken Access Control in Clipboard

CVSS 5.3 MEDIUMEPSS 0.2%CWE-200CWE-862
Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they were not authorized to view. This issue affects TYPO3 CMS versions 10.4.0-13.4.30 and 14.0.0-14.3.2.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
TYPO3 · TYPO3 CMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/TYPO3/typo3/commit/2740707563343d78184c0b7c6303a7484553d7f3https://github.com/TYPO3/typo3/commit/932fbb9fcea25094e8bcc0f0ec5aab56b1d92451https://typo3.org/security/advisory/typo3-core-sa-2026-014