[Typo3] SQL Injection

Michael Scharkow mscharkow at gmx.net
Fri Mar 4 11:01:13 CET 2005

Michael Scharkow wrote:

> 1. Announce the vulnerability in public without the details, so I may 
> shut down the Extension or react in other appropriate ways.

Given the the difficulties in judging how much to reveal, it's probably 
doing more harm than not revealing it (although blackhats _do_ get the 
information anyway). So stucki and JoH convinced me ;)

Ekkehard: Replying to myself is not intended as continuing the discussion ;)


More information about the TYPO3-english mailing list