{“lastseen”:””,”description”:”Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they were not authorized to view. This issue affects TYPO3 CMS versions 10.4.0-13.4.30 and 14.0.0-14.3.2.”,”published”:”2026-06-09T10:52:38.150Z”,”modified”:”2026-06-09T10:52:38.150Z”,”type”:”cve”,”title”:”TYPO3 CMS – Broken Access Control in Clipboard”,”source”:”TYPO3″,”references”:”https:\/\/typo3.org\/security\/advisory\/typo3-core-sa-2026-014\\nhttps:\/\/github.com\/TYPO3\/typo3\/commit\/932fbb9fcea25094e8bcc0f0ec5aab56b1d92451\\nhttps:\/\/github.com\/TYPO3\/typo3\/commit\/2740707563343d78184c0b7c6303a7484553d7f3″,”id”:”CVE-2026-47351″,”bulletinFamily”:””,”cwe”:[“CWE-862″,”CWE-200″],”cvelist”:null,”sourceData”:”TYPO3 TYPO3 CMS 10.4.0\\nTYPO3 TYPO3 CMS 14.0.0″,”sourceHref”:””,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:N\/VA:N\/SC:N\/SI:N\/SA:N”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”TYPO3 CMS”,”version”:”10.4.0″,”vendor”:”TYPO3″,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-60980","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n