[TYPO3-announce] Announcing TYPO3 Public Service Announcements

oliver.hader at typo3.org oliver.hader at typo3.org
Tue Jan 22 12:21:45 CET 2019

Dear TYPO3 World,

the TYPO3 Security Team has just released the following Public Service Announcements:

1) Possible Arbitrary Code Execution in CommandUtility API


2) Username and Email Address Enumeration


3) Cross-Site Scripting in Flash component (ELTS)


Find all TYPO3 security advisories here:

Best regards
Oliver Hader
Oliver Hader

TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.typo3.org/pipermail/typo3-announce/attachments/20190122/54c13a62/attachment.pgp>

More information about the TYPO3-announce mailing list