diff --git a/typo3/sysext/backend/Classes/Controller/Wizard/FormsController.php b/typo3/sysext/backend/Classes/Controller/Wizard/FormsController.php
index aecad21dea2d56b9daf53fcce840a66802bec2b6..8c0c14b965139a9a17cc5b5e8f4709b80b0de0f1 100644
--- a/typo3/sysext/backend/Classes/Controller/Wizard/FormsController.php
+++ b/typo3/sysext/backend/Classes/Controller/Wizard/FormsController.php
@@ -277,6 +277,9 @@ class FormsController {
 	 * @todo Define visibility
 	 */
 	public function formsWizard() {
+		if (!$this->checkEditAccess($this->P['table'], $this->P['uid'])) {
+			throw new \RuntimeException('Wizard Error: No access', 1385807526);
+		}
 		// First, check the references by selecting the record:
 		$row = BackendUtility::getRecord($this->P['table'], $this->P['uid']);
 		if (!is_array($row)) {
@@ -884,4 +887,34 @@ class FormsController {
 			</table>';
 	}
 
+	/**
+	 * Checks access for element
+	 *
+	 * @param string $table Table name
+	 * @param integer $uid Record uid
+	 * @return boolean
+	 * @todo: Refactor to remove duplicate code (see TableController, RteController)
+	 */
+	protected function checkEditAccess($table, $uid) {
+		$calcPRec = BackendUtility::getRecord($table, $uid);
+		BackendUtility::fixVersioningPid($table, $calcPRec);
+		if (is_array($calcPRec)) {
+			// If pages:
+			if ($table == 'pages') {
+				$CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($calcPRec);
+				$hasAccess = $CALC_PERMS & 2 ? TRUE : FALSE;
+			} else {
+				// Fetching pid-record first.
+				$CALC_PERMS = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid']));
+				$hasAccess = $CALC_PERMS & 16 ? TRUE : FALSE;
+			}
+			// Check internals regarding access:
+			if ($hasAccess) {
+				$hasAccess = $GLOBALS['BE_USER']->recordEditAccessInternals($table, $calcPRec);
+			}
+		} else {
+			$hasAccess = FALSE;
+		}
+		return $hasAccess;
+	}
 }
diff --git a/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php b/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
index 2bbfec246f250afe2aa21837bbfc753a1dd6fbc6..8ffc9a254543c0591b45802b4a23ce99b31a3781 100644
--- a/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
+++ b/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
@@ -255,8 +255,9 @@ class RteController {
 	 *
 	 * @param string $table Table name
 	 * @param integer $uid Record uid
-	 * @return void
+	 * @return boolean
 	 * @todo Define visibility
+	 * @todo: Refactor to remove duplicate code (see FormsController, TableController)
 	 */
 	public function checkEditAccess($table, $uid) {
 		$calcPRec = BackendUtility::getRecord($table, $uid);
diff --git a/typo3/sysext/backend/Classes/Controller/Wizard/TableController.php b/typo3/sysext/backend/Classes/Controller/Wizard/TableController.php
index 48b4ccd1e1b4428e21b9bfda1f88c62aeae61962..39f261531d2f2c893bf1eb2b433760f34c152902 100644
--- a/typo3/sysext/backend/Classes/Controller/Wizard/TableController.php
+++ b/typo3/sysext/backend/Classes/Controller/Wizard/TableController.php
@@ -218,6 +218,9 @@ class TableController {
 	 * @todo Define visibility
 	 */
 	public function tableWizard() {
+		if (!$this->checkEditAccess($this->P['table'], $this->P['uid'])) {
+			throw new \RuntimeException('Wizard Error: No access', 1349692692);
+		}
 		// First, check the references by selecting the record:
 		$row = BackendUtility::getRecord($this->P['table'], $this->P['uid']);
 		if (!is_array($row)) {
@@ -597,4 +600,34 @@ class TableController {
 		return $cfgArr;
 	}
 
+	/**
+	 * Checks access for element
+	 *
+	 * @param string $table Table name
+	 * @param integer $uid Record uid
+	 * @return boolean
+	 * @todo: Refactor to remove duplicate code (see FormsController, RteController)
+	 */
+	protected function checkEditAccess($table, $uid) {
+		$calcPRec = BackendUtility::getRecord($table, $uid);
+		BackendUtility::fixVersioningPid($table, $calcPRec);
+		if (is_array($calcPRec)) {
+			// If pages:
+			if ($table == 'pages') {
+				$CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($calcPRec);
+				$hasAccess = $CALC_PERMS & 2 ? TRUE : FALSE;
+			} else {
+				// Fetching pid-record first.
+				$CALC_PERMS = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid']));
+				$hasAccess = $CALC_PERMS & 16 ? TRUE : FALSE;
+			}
+			// Check internals regarding access:
+			if ($hasAccess) {
+				$hasAccess = $GLOBALS['BE_USER']->recordEditAccessInternals($table, $calcPRec);
+			}
+		} else {
+			$hasAccess = FALSE;
+		}
+		return $hasAccess;
+	}
 }