CVE Catalog

CVE-2026-47350

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

9th percentile - higher than 9% of all known CVEs

Summary

Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3.

Risk Assessment

The ability to move records without proper permissions may lead to unauthorized changes in data, jeopardizing the integrity of the system.

Recommendation

It is recommended to update TYPO3 CMS to the latest version to mitigate this vulnerability and review backend user permissions.

Original NVD description (English source)

Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS