CVE-2011-4902: Improper Input Validation

April 22, 2022 (updated January 12, 2024)

TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.

References

github.com/advisories/GHSA-9vxq-mxw5-mcgp
nvd.nist.gov/vuln/detail/CVE-2011-4902
security-tracker.debian.org/tracker/CVE-2011-4902
typo3.org/security/advisory/typo3-core-sa-2011-001/

Detect and mitigate CVE-2011-4902 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →