6 matches found
CVE-2026-46724
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...
CVE-2026-46724
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...
CVE-2026-46724 Path Traversal in extension "Faceted Search" (ke_search)
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...
CVE-2026-46724
CVE-2026-46724 affects the Typo3 extension Faceted Search (ke_search). The file indexer does not normalize the configured directory path, allowing a backend user with permission to edit indexer configurations to index documents from arbitrary server file-system locations via path traversal. CVSS ...
TYPO3 Extension Faceted Search 路径遍历漏洞
TYPO3 Extension Faceted Search is an open-source extension for TYPO3 that enables faceted search. TYPO3 Extension Faceted Search has a path traversal vulnerability. This vulnerability stems from the fact that the file indexer does not normalize the configured directory paths. As a result, backend...
PT-2026-41863
The additional tables configuration of the page and tt content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index...