[TYPO3-announce] Cross-Site Scripting Vulnerability in TYPO3 Core

TYPO3 Security Team security at typo3.org
Tue Apr 17 11:52:02 CEST 2012

Dear users of TYPO3!

It has been discovered that the TYPO3 Core is vulnerable to Cross-Site Scripting.

For more details on the issues please read the accordant advisory:

TYPO3-CORE-SA-2012-002: Cross-Site Scripting in TYPO3 Core

Please read the advisory properly, especially if you implemented your own production exception handler for your website!

In general the TYPO3 Security Team recommends to read the following pages:

The TYPO3 Security Guide:

Make sure you are subscribed to the TYPO3 Announce List:

See all TYPO3 security advisories:


Helmut Hummel
Member of the TYPO3 Security Team

TYPO3 Security Team homepage: http://typo3.org/teams/security/

E-Mail: security at typo3.org

More information about the TYPO3-announce mailing list