CVE-2019-11832

high

Description

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.

References

https://typo3.org/security/advisory/typo3-core-sa-2019-012/

http://www.securityfocus.com/bid/108305

Details

Source: Mitre, NVD

Published: 2019-05-09

Updated: 2019-05-13

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High