CVE Catalog
CVE-2026-47350
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk0.03%
9th percentile - higher than 9% of all known CVEs
Summary
Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3.
Risk Assessment
The ability to move records without proper permissions may lead to unauthorized changes in data, jeopardizing the integrity of the system.
Recommendation
It is recommended to update TYPO3 CMS to the latest version to mitigate this vulnerability and review backend user permissions.
Original NVD description (English source)
Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3.

