39 matches found
TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework
Problem: Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
GHSA-JH32-V29G-68PQ TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework
Problem: Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
CVE-2026-49741
Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
CVE-2026-49741
CVE-2026-49741 concerns TYPO3 CMS where backend users with write access to the form_definition table can directly manipulate form definitions via DataHandler, bypassing Form Framework validation and permission checks. This enables injecting arbitrary form configurations and is associated with SQL...
CVE-2026-49741 TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework
Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
CVE-2026-47350 TYPO3 CMS - Broken Access Control in DataHandler
Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3...
TYPO3-CORE-SA-2026-012: Broken Access Control in DataHandler
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-012...
TYPO3 CMS SQL Injection Vulnerability
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Versions of TYPO3 CMS from 14.0.0 to 14.3.3 contain SQL injection vulnerabilities. These vulnerabilities stem from backend users who have database table writing privileges and can directly create, update, or...
PT-2026-47748
Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 14.0.0 through 14.3.3. Description: Backend users with write access to the form definition database table can directly create, update, or delete form definition records using the DataHandler. This process bypasses the Form...
ROS-20260505-73-0048
A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...
ROS-20260505-73-0045
A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...
CVE-2025-15282
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...
DEBIAN-CVE-2025-15282
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...
CRLF Injection
Overview: Affected versions of this package are vulnerable to CRLF Injection via the urllib.request.DataHandler. An attacker can manipulate HTTP headers by injecting newline characters in the mediatype portion of a data URL, to alter request behavior or bypass security controls. Remediation: A fix...
PT-2026-3662
Name of the Vulnerable Software and Affected Versions: Versions prior to 2025-15282. Description: User-controlled data URLs parsed by urllib.request.DataHandler can allow injection of headers through newlines in the data URL mediatype. The issue involves the parsing of data URLs, potentially leading...
EUVD-2024-0718
Malicious code in bioql PyPI...
A vulnerability in the DataHandler module and the Setup Module of the TYPO3 content management system allows attackers to bypass security restrictions and gain unauthorized access to protected information.
A vulnerability in the DataHandler module and the Setup Module of the TYPO3 content management system is related to the lack of necessary checks during password changes. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected...
A vulnerability in the DataHandler class of the TYPO3 content management system allows attackers to escalate their privileges and gain unauthorized access to protected information.
A vulnerability in the DataHandler class of the TYPO3 content management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to escalate their privileges and gain unauthorized access to protected information...
CVE-2024-25121
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer FAL could be persisted directly via DataHandler. This allowed attackers to reference files in the fallback storage directly and retrieve...
FreeBSD : typo3-{11,12} -- multiple vulnerabilities (1ad3d264-e36b-11ee-9c27-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1ad3d264-e36b-11ee-9c27-40b034429ecf advisory. - In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrat...