|
621
|
- |
|
-
|
-
|
Applications that use GeneralUtility::sanitizeLocalUrl to allow only local URLs are vulnerable to open redirect attacks if the URL is used after it has passed the aforementioned sanitization checks. …
New
|
CWE-601
Open Redirect
|
CVE-2026-47347
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
622
|
- |
|
-
|
-
|
Editors with access to create or modify page content were able to include HTML markup in page titles that were stored in the search index without sanitization. When displayed in frontend search resul…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-47348
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
623
|
- |
|
-
|
-
|
Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4…
New
|
CWE-862
Missing Authorization
|
CVE-2026-47349
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
624
|
- |
|
-
|
-
|
Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3.
New
|
CWE-862
Missing Authorization
|
CVE-2026-47350
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
625
|
- |
|
-
|
-
|
Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they we…
New
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2026-47351
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
626
|
- |
|
-
|
-
|
Authenticated backend users were able to retrieve file metadata via several Backend API routes without proper permission checks, allowing access to files outside their permitted file mounts or storag…
New
|
CWE-862
Missing Authorization
|
CVE-2026-47352
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
627
|
- |
|
-
|
-
|
The path allowance check in GeneralUtility::isAllowedAbsPath() performed a plain string prefix comparison without requiring a directory separator boundary, causing a path like /var/www/html-other/sec…
New
|
CWE-22
Path Traversal
|
CVE-2026-49738
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
628
|
- |
|
-
|
-
|
TYPO3's cache frontend (VariableFrontend) and persistent key-value store (Registry) deserialized PHP payloads without integrity validation or class restrictions. An attacker with write access to the …
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-49740
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
629
|
- |
|
-
|
-
|
Backend users with write access to the form_definition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persisten…
New
|
CWE-89
CWE-862
SQL Injection
Missing Authorization
|
CVE-2026-49741
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
630
|
- |
|
-
|
-
|
Backend users with file download permissions were able to download files from the fallback storage of the file abstraction layer (FAL) via the Media Module. Since the fallback storage resolves paths …
New
|
CWE-22
CWE-200
Path Traversal
Information Exposure
|
CVE-2026-49742
|
2026-06-9 22:46 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
