[TYPO3-announce] Incomplete Access Management and Remote Code Execution Vulnerabilities found in TYPO3 Core
TYPO3 Security Team
security at typo3.org
Wed Sep 4 16:38:06 CEST 2013
Dear TYPO3 users!
It has been discovered that TYPO3 Core has Incomplete Access Management and is vulnerable to Remote Code Execution
For more details on the issues please read the accordant advisory:
TYPO3 Security Bulletin TYPO3-CORE-SA-2013-003: TYPO3-CORE-SA-2013-003: Incomplete Access Management and Remote Code Execution Vulnerability in TYPO3 Core
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/
In general the TYPO3 Security Team recommends to read the following pages:
The TYPO3 Security Guide:
http://docs.typo3.org/typo3cms/SecurityGuide/
See all TYPO3 security advisories:
http://typo3.org/teams/security/security-bulletins/
Regards,
Helmut Hummel
Member of the TYPO3 Security Team
More information about the TYPO3-announce
mailing list