[TYPO3-UG Russia] Fwd: [TYPO3-announce] Cross Site Scripting vulnerabilities in TYPO3 core (4.2.x)
Michael Shigorin
mike at osdn.org.ua
Thu Nov 13 16:31:47 CET 2008
On Thu, Nov 13, 2008 at 04:20:23PM +0200, Michael Shigorin wrote:
> ----- Forwarded message from Henning Pingel <henning/typo3.org> -----
>
> Subject: [TYPO3-announce] Cross Site Scripting vulnerabilities in TYPO3 core
>
> It has been discovered that TYPO3 core is susceptible to two Cross Site
> Scripting (XSS) issues. The frontend plugin of system extension
> "felogin" and the backend module "file" are vulnerable.
NB:
> <http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/>
Это появилось в 4.2.2...
> <http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/>
...это -- в 4.2.0. Сидящим на 4.1.x можно не беспокоиться.
--
---- WBR, Michael Shigorin <mike at altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
More information about the TYPO3-russia
mailing list