TYPO3 CMS clipboard privilege escalation in v10.4-14.3
CVE-2026-47351 Published on June 9, 2026
TYPO3 CMS - Broken Access Control in Clipboard
Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they were not authorized to view. This issue affects TYPO3 CMS versions 10.4.0-13.4.30 and 14.0.0-14.3.2.
Weakness Types
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-47351 has been classified to as an AuthZ vulnerability or weakness.
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-47351 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-47351
Want to know whenever a new CVE is published for TYPO3? stack.watch will email you.
Affected Versions
TYPO3 CMS:- Version 10.4.0 and below 13.4.31 is affected.
- Version 14.0.0 and below 14.3.3 is affected.