7.1 High
AI Score
Confidence
Low
Failing to properly validate user input, the form component is susceptible to Arbitrary File Disclosure. A valid backend user account is needed to exploit this vulnerability. Only forms are vulnerable, which contain upload fields.
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-04-12-2.yaml
typo3.org/security/advisory/typo3-core-sa-2016-010