Home arrow US-CERT Computer Emergency Readiness Team arrow TWiki Releases Security Alert

TWiki Releases Security Alert

TWiki has released a Security Alert to address a vulnerability. This vulnerability is due to the way TWiki processes the "image" variable in URLs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the TWiki Security AlertSecurity Alert and apply the workaround listed in the Countermeasures section of the document or upgrade to version 4.2.34.2.3 to help mitigate the risks.

Read more: US-CERT Current Activity