Content managment system TYPO3 developers informed they discovered multiple critical flaws in their software. The vulnerabilities were patched. The holse include XSS, SQL injection, arbitrary code execution and redirection vulnerabilities.

TYPO3 developers urge users to upgrade their software to versions 4.1.14, 4.2.13, 4.3.4 or 4.4.1. All of them were patched.

Users may download the software from TYPO3 webpage.

Source: SC Magazine
30.07.2010