[TYPO3-announce] TYPO3-SA-2009-002: Information Disclosure & XSS in TYPO3 Core
Lars Houmark
lars at typo3.org
Tue Feb 10 10:05:12 CET 2009
Dear users of TYPO3,
It has been discovered that TYPO3 Core is vulnerable to Information
Disclosure and Cross-Site Scripting.
Especially the first issue is considered to be very critical by the
TYPO3 Security Team.
New packaged versions (4.0.x, 4.1.x, 4.2.x) along with patches for all
versions since 3.3 is now available.
Please read the below bulletin for the complete details and solutions:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
Regards,
Lars Houmark
TYPO3 Security Team
More information about the TYPO3-announce
mailing list