CVE-2026-4202

Description

The extension fails to verify, if an authenticated user has permissions to access to redirects resulting in exposure of redirect records when editing a page.

PUBLISHED Reserved 2026-03-15 | Published 2026-03-17 | Updated 2026-03-17 | Assigner TYPO3

Problem types

CWE-862

CWE-200

Product status

Credits

Guido Schmechel reporter

Guido Schmechel remediation developer

References

typo3.org/security/advisory/typo3-ext-sa-2026-006 vendor-advisory

cve.org (CVE-2026-4202)

nvd.nist.gov (CVE-2026-4202)

Download JSON