TYPO3 CMS has Broken Access Control in its DataHandler

Problem Backend users were able to move records to a different page without having edit permissions on the source page. Solution Update to TYPO3 versions 13.4.31 LTS, 14.3.3 LTS that fix the problem described. Credits TYPO3 CMS thanks Hyunseo Shin for reporting this issue, and TYPO3 security team...

EUVD-2026-35397

TYPO3 CMS has Broken Access Control in its DataHandler...

Tagify - Moderately critical - Cross-site scripting (XSS) - SA-CONTRIB-2026-043

This module integrates the Tagify JavaScript library to enhance entity reference selection in entity reference widgets. The module does not properly sanitise the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This results in a cross-site scripting vulnerability...

CVE-2026-47350 TYPO3 CMS - Broken Access Control in DataHandler

Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3...

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source project. Versions 13.0.0–13.4.31 and 14.0.0–14.3.3 of TYPO3 CMS have security vulnerabilities. These vulnerabilities stem from the ability of users at the backend to move records to different pages without the necessar...

CVE-2026-42839

An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the itemname, description, or image fields of an Item and trigger unescaped rendering in the Point of Sale POS cart interface for every operator who adds that item to a transaction.This issue...

CVE-2026-42839

CVE-2026-42839 describes a stored XSS in ERPNext 16.16.0. An authenticated user with Item record edit permissions can persist arbitrary HTML/JavaScript in item_name, description, or image fields, causing unescaped rendering in the POS cart interface for every operator adding that item to a transa...

PT-2026-46043

Name of the Vulnerable Software and Affected Versions ERPNext version 16.16.0 Description An authenticated user with permissions to edit Item records can inject arbitrary HTML or JavaScript into the item name, description, or image fields of an Item. This leads to unescaped rendering in the Point...

EUVD-2026-33438

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the...

CVE-2026-9809

A stored Cross-Site Scripting XSS vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views such as campaigns, emails, or forms, user-supplied project names are rendered without proper sanitization. An authenticated user...

PT-2026-44995

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was found in the sibling ThreadPolicy::edit method. A user with the PERM EDIT...

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM. This system offers features such as sales automation, community management, and customer support. Versions of EspoCRM prior to 9.3.5 contained security vulnerabilities. These vulnerabilities were caused by business...

CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper validation of symbolic links in the virt-handler process. An attacker can gain unauthorized access to privileged Unix sockets on the host by replacing a virtual machine console socket with a symlink to a...

SUSE CVE-2025-12141

In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role "Contact Point Writer", which is part of the basic role Editor - can edit...

CVE-2026-46723 Information Disclosure in extension "Faceted Search" (ke_search)

The additionaltables configuration of the page and ttcontent indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over data across different workspaces by...

PYSEC-2026-147

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, potentially resulting in disclosure of sensitive information. This vulnerability is fixed in 7.0.7...

CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

Improper Handling of Insufficient Permissions or Privileges

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges when viewing page history. A user without edit permissions on a given page can access the history report fo...