[Typo3-dev] BE Login through URL?

Andreas Schwarzkopf a.schwarzkopf at meinsystem.de
Wed May 26 14:26:58 CEST 2004


Stig N. Jepsen wrote:

> What would the security issues be?

I'm not a security expert but I can see two things:
- submitting malicious JavaScript (frontend and backend) can be
dangerous for other frontend users (e.g. automatically installing
worms and backdoors from the website) and for backend users (stealing
cookies or data from other backend users)
- stealing admin cookies in the backend with the anonymous backend login 
for submitting news

If you mean the news blog function for typo3.org, I think both things 
could be very dangerous for such a popular site.

grtx

Andreas



