CVE-2016-15017
CVE-2016-15017 concerns the TYPO3 extension fabarea media_upload, specifically the function getUploadedFileList in Classes/Service/UploadFileService.php. The vulnerability enables pathname traversal due to input handling in that function, with a critical impact reported (C/H/I/A = high). A fixed ...