CVE-2026-4202

Source
https://cve.org/CVERecord?id=CVE-2026-4202
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4202.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-4202
Aliases
Published
2026-03-17T08:33:40.968Z
Modified
2026-07-08T08:13:13.453487775Z
Severity
  • 2.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Broken Access Control in extension "Redirect Tab"
Details

The extension fails to verify, if an authenticated user has permissions to access to redirects resulting in exposure of redirect records when editing a page.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4202.json",
    "cwe_ids": [
        "CWE-200",
        "CWE-862"
    ],
    "cna_assigner": "TYPO3"
}
References

Affected packages

Git / github.com/ayacoo/redirect_tab

Affected ranges

Type
GIT
Repo
https://github.com/ayacoo/redirect_tab
Events
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:ayacoo:redirect_tab:*:*:*:*:*:typo3:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.1.2"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.1.7"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.5"
        }
    ]
}

Affected versions

2.*
2.0.0
2.0.1
2.1.0
2.1.1
3.*
3.1.4
3.1.5
3.1.6
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4202.json"