Arbitrary File Insertion Vulnerability in TYPO3 CMS
CVE-2026-47351
5.3MEDIUM
What is CVE-2026-47351?
A vulnerability in TYPO3 CMS enables backend users to insert arbitrary records and files into the system's clipboard without sufficient permission checks. This flaw can be exploited by unauthorized users to access sensitive data about records and files they typically should not be able to view, leading to potential information disclosure risks. The affected versions include TYPO3 CMS versions 10.4.0 through 13.4.30 and 14.0.0 through 14.3.2. Organizations must address this issue promptly to safeguard their data and maintain system integrity.
Affected Version(s)
TYPO3 CMS 10.4.0 < 13.4.31
TYPO3 CMS 14.0.0 < 14.3.3
