Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.
The rtgdictionary extension for TYPO3 is prone to a vulnerability that lets remote attackers upload and execute arbitrary script code on an affected computer with the privileges of the webserver process. The issue occurs because the application fails to sanitize user-supplied input. This issue affects rtgdictionary 0.1.9 and prior versions.
The vendor has released an update. Please see the references for more information. Robert Gonda rtgdictionary 0.1.9 Robert Gonda rtgdictionary_0.2.1.t3x http://typo3.org/fileadmin/ter/r/t/rtgdictionary_0.2.1.t3x
Attackers can exploit this issue via a browser.