The sr_freecap (aka freeCap CAPTCHA) extension 2.4.5 and below and 2.5.2 and below for TYPO3 fails to sanitize user input, which allows execution of arbitrary Extbase actions, resulting in Remote Code Execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-16T18:40:40
Updated: 2024-08-05T01:17:41.077Z
Reserved: 2019-09-22T00:00:00
Link: CVE-2019-16699
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-10-16T19:15:15.880
Modified: 2024-11-21T04:31:00.310
Link: CVE-2019-16699
Redhat
No data.