Auth bypass in Typo3 Extension "Redirect Tabs"

CVE-2026-4202

The extension fails to verify, if an authenticated user has permissions to access to redirects resulting in exposure of redirect records when editing a page.

Vulnerability class: Broken Access Control

EPSS: 0.000 (9.9th percentile) — read the EPSS interpretation.