DSA-2098-1 typo3-src -- severalID: oval:org.secpod.oval:def:600153 | Date: (C)2011-01-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site Scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution. The testing distribution will be fixed soon. For the unstable distribution , these problems have been fixed in version 4.3.5-1. We recommend that you upgrade your typo3-src package.