Description
Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in textpattern/include/txp_article.php, an attacker can bypass authorization checks and overwrite content belonging to other users.
Published: 2026-04-21
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized modification of content owned by higher‑privilege users via broken access control
Action: Patch immediately
AI Analysis

Impact

Textpattern CMS 4.9.0 contains a broken access control flaw that enables authenticated users with low privileges to alter articles belonging to users with higher privileges. The vulnerability arises when the article ID parameter is manipulated during the duplicate-and-save workflow in txp_article.php, allowing an attacker to bypass authorization checks and overwrite target content. This flaw can be leveraged to tamper with confidential or strategically important articles, impacting the integrity of published material and potentially leading to misinformation or loss of trust.

Affected Systems

The vulnerability affects Textpattern CMS version 4.9.0 and potentially earlier releases that have not applied the patch included in the 4.9.1 security release. It specifically targets the article management subsystem located in txp_article.php and the duplicate-and-save operation exposed to authenticated users.

Risk and Exploitability

EPSS score is less than 1% and the vulnerability is not listed in CISA KEV. With a CVSS score of 6.5, the flaw enables privilege escalation within the CMS, allowing authenticated users to overwrite content owned by higher-privilege users. The attack vector is an authenticated user manipulating the article ID parameter during the duplicate-and-save workflow. The medium severity combined with the ability to compromise content integrity indicates a significant risk that warrants prompt mitigation.

Generated by OpenCVE AI on April 22, 2026 at 19:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official patch released in Textpattern CMS 4.9.1 or later to fix the broken access control issue.
  • If a patch is not immediately deployable, restrict duplicate-and-save functionality for low-privilege user groups using the CMS permission settings to block the ability to manipulate article IDs.
  • Configure your web server to restrict direct access to txp_article.php or use URL rewriting rules to prevent unauthenticated manipulation of article identifiers.

Generated by OpenCVE AI on April 22, 2026 at 19:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 15:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:textpattern:textpattern:4.9.0:-:*:*:*:*:*:*

Wed, 22 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Authenticated Users Can Bypass Access Control to Alter Higher-Privilege Articles in Textpattern CMS 4.9.0

Wed, 22 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 21 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Textpattern
Textpattern textpattern
Vendors & Products Textpattern
Textpattern textpattern

Tue, 21 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Description Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in textpattern/include/txp_article.php, an attacker can bypass authorization checks and overwrite content belonging to other users.
References

Subscriptions

Textpattern Textpattern
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-22T15:35:46.859Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30452

cve-icon Vulnrichment

Updated: 2026-04-22T14:11:33.472Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-21T17:16:36.303

Modified: 2026-05-13T15:18:25.813

Link: CVE-2026-30452

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T20:00:08Z

Weaknesses