Ben Wheeler

**Name of the Vulnerable Software and Affected Versions** TWiki versions 4.0.0 through 4.0.4 **Description** The issue allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with `TYPEOF`. **Recommendations** For TWiki versions 4.0.0 through 4.0.4, consider restricting access to the configure script until a patch is available. As a temporary workaround, avoid using parameter names starting with `TYPEOF` in HTTP POST requests to minimize the risk of exploitation.