typo3/cms is vulnerable to Arbitrary Command Execution. The vulnerability is due to improper handling of the βFromβ header when an email comes from a non-trusted source and when no βReturn-Pathβ is configured, which allows an attacker to execute arbitrary shell commands on the server. Note that only TYPO3 installations with $GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport']
set to sendmail
are affected.