← back
CVE-2010-3663

CVE-2010-3663

EPSS 2.4%
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719https://security-tracker.debian.org/tracker/CVE-2010-3663https://typo3.org/security/advisory/typo3-sa-2010-012/#Arbitrary_Code_Execution