[TYPO3-announce] Announcing TYPO3 Public Service Announcements

oliver.hader at typo3.org oliver.hader at typo3.org
Tue Jan 22 12:21:45 CET 2019


Dear TYPO3 World,

the TYPO3 Security Team has just released the following Public Service Announcements:


1) Possible Arbitrary Code Execution in CommandUtility API

https://typo3.org/security/advisory/typo3-psa-2019-001/

2) Username and Email Address Enumeration

https://typo3.org/security/advisory/typo3-psa-2019-002/

3) Cross-Site Scripting in Flash component (ELTS)

https://typo3.org/security/advisory/typo3-psa-2019-003/


Find all TYPO3 security advisories here:
https://typo3.org/help/security-advisories/


Best regards
Oliver Hader
--
Oliver Hader

TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.typo3.org/pipermail/typo3-announce/attachments/20190122/54c13a62/attachment.pgp>


More information about the TYPO3-announce mailing list