Description
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
Remediation
References
Related Vulnerabilities
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2021-43948)
MySQL CVE-2020-14888 Vulnerability (CVE-2020-14888)
Joomla! Core 3.0.x Clickjacking Vulnerability (3.0.0 - 3.0.1)
WordPress Plugin Walk Score Multiple Cross-Site Scripting Vulnerabilities (0.5.5)
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)