FreeBSD : typo3 -- Remote Code Execution (3c957a3e-2978-11e1-89b4-001ec9578670)
Medium Nessus Plugin ID 57329
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe typo3 security team reports :
A crafted request to a vulnerable TYPO3 installation will allow an attacker to load PHP code from an external source and to execute it on the TYPO3 installation.
This is caused by a PHP file, which is part of the workspaces system extension, that does not validate passed arguments.
SolutionUpdate the affected packages.