[TYPO3-announce] TYPO3-PSA-2014-001: Cross-Site Request Forgery Protection in TYPO3 CMS 6.2
TYPO3 Security Team
security at typo3.org
Fri Jan 31 11:44:48 CET 2014
Dear TYPO3 Community!
From now on the TYPO3 Security Team will publish Public Service Announcements (PSA) on some security related topics around TYPO3 products. For details what they are, please read:
http://typo3.org/news/article/security-public-service-announcements/
The first PSA is about security improvements (CSRF Protection) that will be included into TYPO3 CMS 6.2 and what steps can be taken to mitigate possible CSRF attacks in versions below 6.2:
http://typo3.org/teams/security/security-bulletins/psa/typo3-psa-2014-001/
In general the TYPO3 Security Team recommends to read the following pages:
The TYPO3 Security Guide:
http://typo3.org/documentation/document-library/extension-manuals/doc_guide_security/current/
Make sure you are subscribed to the TYPO3 Announce List:
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce
See all TYPO3 security advisories:
http://typo3.org/teams/security/security-bulletins/
Regards,
Helmut Hummel
Member of the TYPO3 Security Team
--
TYPO3 Security Team homepage: http://typo3.org/teams/security/
E-Mail: security at typo3.org
More information about the TYPO3-announce
mailing list