Remote File Inclusion Vulnerability in TYPO3 Workspaces Extension

CVE-2011-4614 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.

Learn more about our Cis Benchmark Audit For Google Workspace.