Thu. 22nd October, 2009
It has been discovered that the TYPO3 Core is vulnerable to Cross-site scripting, SQL-Injection, Remote shell command execution, Information Disclosure and insecure Install Tool authentication/session handling.
This is a companion discussion topic for the original entry at https://typo3.org/article/multiple-security-issues-found-in-typo3-core-4/