MEDIUM
GHSA-c72x-mc2p-wv7x
TYPO3 ke_search path traversal due to lack of normalization on config directory from file indexer
상세
In TYPO3 faceted fulltext search (`ke_search`), the file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences. This has been patched in versions 7.0.1, 6.6.1, 5.6.2 and 4.6.7.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.