6.8 Medium
AI Score
Confidence
Low
The workspace/ version preview link created by a privileged (backend) user could be abused to obtain certain editing permission, if the admin panel is configured to be shown. A valid preview link is required to exploit this vulnerability.
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-04-12-4.yaml
typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-012