CVE-2026-47350: TYPO3 CMS has Broken Access Control in its DataHandler
Problem
Backend users were able to move records to a different page without having edit permissions on the source page.
Solution
Update to TYPO3 versions 13.4.31 LTS, 14.3.3 LTS that fix the problem described.
Credits
TYPO3 CMS thanks Hyunseo Shin for reporting this issue, and TYPO3 security team member Torben Hansen for fixing it.
Resources
References
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2026-47350.yaml
- github.com/TYPO3/typo3/commit/195356996a60e40aeb2cd3e45a5f5c8940d5e116
- github.com/TYPO3/typo3/commit/c9898d2e67608eda78f8bd1f06ee9cf05a872a56
- github.com/TYPO3/typo3/security/advisories/GHSA-qcmw-6rm2-5x78
- github.com/advisories/GHSA-qcmw-6rm2-5x78
- nvd.nist.gov/vuln/detail/CVE-2026-47350
- typo3.org/security/advisory/typo3-core-sa-2026-012
Code Behaviors & Features
Detect and mitigate CVE-2026-47350 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →