[HIGH] TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework

PKSA-6jfs-jhtj-72x7 CVE-2026-47346 GHSA-hwvq-2w67-rvxp

Affected package: typo3/cms-core

Affected version: <10.4.57|>=11.0.0,<11.5.51|>=12.0.0,<12.4.46|>=13.0.0,<13.4.31|>=14.0.0,<14.3.3

Reported by:
GitHub, FriendsOfPHP/security-advisories