[TYPO3-announce] Multiple vulnerabilities found in TYPO3 Core

[Lars Houmark]

Dear users of TYPO3,

It has been discovered that TYPO3 Core is vulnerable to Broken  
Authentication and Session Management, Cross-Site Scripting, Insecure  
Randomness and Remote Command Execution.

All of these security issues have been fixed in the recent released  
packages.

Please see this page for a descriptions and solutions on all the above  
mentioned issues:

http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/

Regards,

Lars Houmark
Member of the TYPO3 Security Team
lars at typo3.org