Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CVE-2026-47346— TYPO3 CMS - Broken Access Control in Form Framework

AI Predicted 9.8 Difficulty: Easy EPSS 0.44% · P35

Affected Version Matrix 5

VendorProductVersion RangeStatus
TYPO3TYPO3 CMS< 10.4.57affected
11.0.0< 11.5.51affected
12.0.0< 12.4.46affected
13.0.0< 13.4.31affected
14.0.0< 14.3.3affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-47346

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
TYPO3 CMS - Broken Access Control in Form Framework
Source: NVD (National Vulnerability Database)
Vulnerability Description
Backend users with file write permissions were able to upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to escalate privileges by creating administrative backend user accounts. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.50, 12.0.0-12.4.45, 13.0.0-13.4.30 and 14.0.0-14.3.2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
大小写敏感处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
TYPO3 CMS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS存在安全漏洞,该漏洞源于表单定义文件上传限制可被混合大小写扩展名绕过,可能导致通过恶意表单定义文件执行任意SQL语句,从而提升权限。以下版本受到影响:10.4.57之前版本、11.0.0至11.5.50版本、12.0.0至12.4.45版本、13.0.0至13.4.30版本和14.0.0至14.3.2版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
TYPO3TYPO3 CMS 0 ~ 10.4.57 -

II. Public POCs for CVE-2026-47346

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-47346

登录查看更多情报信息。

Patches & Fixes for CVE-2026-47346 (2)

Vendor Advisories for CVE-2026-47346 (1)

Same Patch Batch · TYPO3 · 2026-06-09 · 13 CVEs total

CVE-2026-47347TYPO3 CMS - Open Redirect in Core Utilities
CVE-2026-47349TYPO3 CMS - Broken Access Control in Recycler
CVE-2026-47350TYPO3 CMS - Broken Access Control in DataHandler
CVE-2026-47348TYPO3 CMS - Cross-Site Scripting in Indexed Search
CVE-2026-47352TYPO3 CMS - Broken Access Control in Backend API
CVE-2026-47351TYPO3 CMS - Broken Access Control in Clipboard
CVE-2026-47343TYPO3 CMS - Destructive Actions on File Mount Folders
CVE-2026-11607TYPO3 CMS - Broken Access Control in Form Framework
CVE-2026-49742TYPO3 CMS - Broken Access Control in Media Module
CVE-2026-49738TYPO3 CMS - Broken Access Control in File Abstraction Layer
CVE-2026-49740TYPO3 CMS - Insecure Deserialization in Core API
CVE-2026-49741TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework

IV. Related Vulnerabilities

Same product: TYPO3 CMS
Same vendor: TYPO3
Same weakness: CWE-178

V. Comments for CVE-2026-47346

No comments yet

Leave a comment