CVE-2019-11832 Information
Feb 14, 2021
cve
Description
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing as demonstrated by ImageMagick or GraphicsMagick.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/108305 https://typo3.org/security/advisory/typo3-core-sa-2019-012/
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.5
Share on: