[MEDIUM] TYPO3-CORE-SA-2026-012: Broken Access Control in DataHandler

PKSA-vv7s-w171-wb2j CVE-2026-47350 GHSA-qcmw-6rm2-5x78

Affected package: typo3/cms-core

Affected version: >=13.0.0,<13.4.31|>=14.0.0,<14.3.3

Reported by:
GitHub, FriendsOfPHP/security-advisories