Unspecified vulnerability in the ke DomPDF extension prior to 0.0.5 for TYPO3 allows remote malicious users to execute arbitrary code via unknown vectors.
Advisory: Remote Code Execution in TYPO3 Extension ke_dompdf
During a penetration test RedTeam Pentesting discovered a remote code
execution vulnerability in the TYPO3 extension ke_dompdf, which allows
attackers to execute arbitrary PHP commands in the context of the
webserver
Details
=======
Product: ke_dompdf TYPO3 extension
Affected Versio ...
The TYPO3 extension ke_dompdf contains a version of the dompdf library including all files originally supplied with it This includes an examples page, which contains different examples for HTML-entities rendered as a PDF This page also allows users to enter their own HTML code into a text box to be rendered by the webserver using dompdf dompdf a ...