[TYPO3-announce] Important Security-Bulletin Pre-Announcement
TYPO3 Security Team
security at typo3.org
Fri May 20 11:12:10 CEST 2016
Dear TYPO3 users,
The TYPO3 security team has identified a critical security issue in the TYPO3 CMS Core.
All TYPO3 versions from 4.x to 8.1 are affected by this vulnerability.
Besides regular releases for supported branches (TYPO3 6.2.x, TYPO3 7.6.x, TYPO3 8.x), we will also provide patches for affected but unmaintained TYPO3 versions, because of the severity of this vulnerability.
Be prepared to update all your TYPO3 installations next Tuesday!
Please understand that we cannot provide any further information until the advisory has been published.
CVSS v2.0 data on the to be released advisory:
Base: AV:N/AC:M/Au:N/C:C/I:C/A:C (Score: 9.3)
Temporal: E:F/RL:O/RC:C (Score: 7.7)
Official Announcement: https://typo3.org/teams/security/security-bulletins/psa/typo3-psa-2016-002/
Kind Regards,
Helmut Hummel
Member of the TYPO3 Security Team
--
TYPO3 Security Team homepage: http://typo3.org/teams/security/
E-Mail: security at typo3.org
More information about the TYPO3-announce
mailing list