[HIGH] TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework

PKSA-w8hs-qvzm-sf5x CVE-2026-49741 GHSA-jh32-v29g-68pq

Affected package: typo3/cms-form

Affected version: >=14.0.0,<14.3.3

Reported by:
GitHub