php · typo3/cms-coreHeads-up
typo3/cms-core: Missing read permission check in clipboard allows unauthorized data access
Backend users could insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, allowing unauthorized information gatheri
What changed
Backend users could insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, allowing unauthorized information gathering.
Who it affects
Users of TYPO3 CMS versions before 10.4.57 ELTS, 11.5.51 ELTS, 12.4.46 ELTS, 13.4.31 LTS, 14.3.3 LTS.
What to do today
Update to the latest patched version: 10.4.57 ELTS, 11.5.51 ELTS, 12.4.46 ELTS, 13.4.31 LTS, or 14.3.3 LTS.
The trail
Collected→
Audited→
Written→
Published