CVE-2026-47351

CVSS v4.0

5.3

Medium

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions TYPO3 CMS versions 10.4.0 through 13.4.30 TYPO3 CMS versions 14.0.0 through 14.3.2

Description Backend users can insert arbitrary records and files into the clipboard without proper read permission checks. This allows unauthorized users to gather information about records and files they are not permitted to view.

Recommendations Update TYPO3 CMS versions 10.4.0 through 13.4.30 to a version newer than 13.4.30. Update TYPO3 CMS versions 14.0.0 through 14.3.2 to a version newer than 14.3.2.

Fix

Missing Authorization

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-200

Related Identifiers

CVE-2026-47351

Affected Products

Typo3/Cms

CVE-2026-47351

Weakness Enumeration

Related Identifiers

Affected Products

References · 5