typo3/cms-core
typo3/cms-core: XSS in Indexed Search plugin via unsanitized page titles
Cross-Site Scripting vulnerability in Indexed Search plugin: page titles with HTML markup are stored in search index without sanit
typo3/cms-core: Missing read permission check in clipboard allows unauthorized data access
Backend users could insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, allowing un
typo3/cms-core: Missing permission checks in Backend API file metadata routes
Authenticated backend users could retrieve file metadata via Backend API routes without proper permission checks, allowing access
typo3/cms-core: Path Allowance Check Bypass in GeneralUtility::isAllowedAbsPath()
The path allowance check in GeneralUtility::isAllowedAbsPath() performed a plain string prefix comparison without requiring a dire
typo3/cms-core: VariableFrontend and Registry now prevent PHP Object Injection
VariableFrontend and Registry now deserialize PHP payloads with integrity validation and class restrictions, preventing PHP Object
typo3/cms-core: Backend users could move records without source edit permissions
Backend users could move records to a different page without edit permissions on the source page.
typo3/cms-core: Open redirect in GeneralUtility::sanitizeLocalUrl
Applications using GeneralUtility::sanitizeLocalUrl are vulnerable to open redirect attacks if the URL is used after sanitization.
typo3/cms-core: Recycler module privilege escalation fix
Backend users with Recycler module access could restore soft-deleted records on unauthorized pages or tables.
typo3/cms-core: Unauthorized file download via fallback storage in Media Module
Backend users with file download permissions could download files from the fallback storage of the file abstraction layer (FAL) vi
typo3/cms-core: File upload bypass via mixed-case extensions leads to SQL injection and privilege escalation
Backend users with file write permissions can upload form definition files with mixed-case extensions (e.
typo3/cms-core: Form Framework SQL Injection and Privilege Escalation via DataHandler
Backend users with write access to the form_definition table can bypass Form Framework's persistence validation and permission che
typo3/cms-core: Missing authorization check allows non-privileged users to modify root folders of file mounts
Non-privileged backend users with file mount access could perform write operations (move, delete, rename) on root folders of activ
typo3/cms-core: Form Framework File Inclusion Vulnerability
Backend users with Form Framework access could use files not ending in .