Description
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
Remediation
References
Related Vulnerabilities
WordPress Plugin Duplicator-WordPress Migration Security Bypass (0.5.8)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10186)
GlassFish CVE-2016-5519 Vulnerability (CVE-2016-5519)
WordPress Plugin Thank You Counter Button Cross-Site Scripting (1.8.2)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.11.3)