112 matches found
GHSA-PJPJ-V387-X4VQ TYPO3 CMS has Broken Access Control in its Form Framework
Problem Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing...
EUVD-2026-35391
TYPO3 CMS has Broken Access Control in its Form Framework...
TYPO3 CMS has Broken Access Control in its Form Framework
Problem Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing...
GHSA-JH32-V29G-68PQ TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework
Problem Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework
Problem Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
EUVD-2026-35393
TYPO3 CMS has Broken Access Control in its Form Framework...
GHSA-HWVQ-2W67-RVXP TYPO3 CMS has Broken Access Control in its Form Framework
Problem Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers ...
TYPO3 CMS has Broken Access Control in its Form Framework
Problem Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers ...
CVE-2026-11607
Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-11607
Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-49741 TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework
Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
CVE-2026-49741
CVE-2026-49741 concerns TYPO3 CMS where backend users with write access to the form_definition table can directly manipulate form definitions via DataHandler, bypassing Form Framework validation and permission checks. This enables injecting arbitrary form configurations and is associated with SQL...
CVE-2026-49741 TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework
Backend users with write access to the formdefinition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations,...
CVE-2026-47346
Summary: CVE-2026-47346 affects TYPO3 CMS prior to certain patch versions, where backend users with file write perms can upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass upload restrictions. This can be exploited to execute arbitrary SQL statements and escalate...
CVE-2026-47346 TYPO3 CMS - Broken Access Control in Form Framework
Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-47346 TYPO3 CMS - Broken Access Control in Form Framework
Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-11607 TYPO3 CMS - Broken Access Control in Form Framework
Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-11607 TYPO3 CMS - Broken Access Control in Form Framework
Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
CVE-2026-11607
TYPO3 CMS vulnerability CVE-2026-11607 affects the Form Framework in multiple TYPO3 releases (before 10.4.57, 11.x before 11.5.51, 12.x before 12.4.46, 13.x before 13.4.31, and 14.x before 14.3.3). A back-end user with access to the Form Framework can upload or reference form definitions from fil...
TYPO3-CORE-SA-2026-019: Broken Access Control in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-019...