Description
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].
Remediation
References
Related Vulnerabilities
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521)
Squid Other Vulnerability (CVE-2010-3072)
WordPress Plugin Simpel Reserveren 3 Cross-Site Scripting (3.5.2)
WordPress Plugin WP ULike Multiple Vulnerabilities (3.1)
WordPress Plugin iSlidex TimThumb Arbitrary File Upload (2.7)