[TYPO3-announce] Critical security issue in the Extension Repository (TER)
Nicole Cordes
nicole.cordes at typo3.org
Wed Sep 6 15:09:52 CEST 2017
Dear TYPO3 users,
The TYPO3 security team has identified a critical security issue in the
Extension Repository (TER).
It has been discovered that the TYPO3 Extension Repository (TER) is
vulnerable to privilege escalation.
For further information on the issue, please read the related advisory
TYPO3-PSA-2017-001 which was published today:
TYPO3-PSA-2017-001: Privilege Escalation in Extension Repository (TER)
https://typo3.org/teams/security/security-bulletins/psa/typo3-psa-2017-001/
In general the TYPO3 Security Team recommends to read the following pages:
The TYPO3 Security Guide:
https://docs.typo3.org/typo3cms/SecurityGuide/
Make sure you are subscribed to the TYPO3 Announce List:
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce
See all TYPO3 security advisories:
https://typo3.org/teams/security/security-bulletins/
Regards,
Nicole Cordes
Member of the TYPO3 Security Team
--
TYPO3 Security Team homepage: https://typo3.org/teams/security/
E-Mail: security at typo3.org
More information about the TYPO3-announce
mailing list