[TYPO3-UG Russia] Fwd: [TYPO3-announce] Two third party TYPO3 extensions found insecure
Michael Shigorin
mike at osdn.org.ua
Wed Sep 24 11:23:42 CEST 2008
NB: sr_freecap 1.0.4 -- PHP5 only
----- Forwarded message from Lars Houmark <lars/typo3.org> -----
Date: Wed, 24 Sep 2008 03:30:13 -0500
From: Lars Houmark <lars/typo3.org>
To: TYPO3 Announce List <typo3-announce/lists.netfielders.de>
Subject: [TYPO3-announce] Two third party TYPO3 extensions found insecure
Dear users of TYPO3,
The extensions phpMyAdmin (phpmyadmin) and freeCap CAPTCHA
(sr_freecap) have been found insecure.
Please see the below two bulletins in order to read the details of
each security incident.
TYPO3-20080924-1: Cross-Site Scripting vulnerability in extension
phpMyAdmin (phpmyadmin):
http://typo3.org/teams/security/security-bulletins/typo3-20080924-1/
TYPO3-20080924-2: Cross-Site Scripting vulnerability in extension
freeCap CAPTCHA (sr_freecap):
http://typo3.org/teams/security/security-bulletins/typo3-20080924-2/
In general the TYPO3 Security Team recommends you to read the
following pages.
The TYPO3 Security Cookbook:
http://typo3.org/fileadmin/security-team/typo3_security_cookbook_v-0.5.pdf
Make sure you are subscribed to the TYPO3 Announce List:
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-announce
See all TYPO3 security bulletins:
http://typo3.org/teams/security/security-bulletins/
Regards,
Lars Houmark
lars/typo3.org
_______________________________________________
TYPO3-announce mailing list
TYPO3-announce/lists.netfielders.de
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-announce
----- End forwarded message -----
--
---- WBR, Michael Shigorin <mike at altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
More information about the TYPO3-russia
mailing list