Insecure Unserialize and Path Traversal vulnerabilities found in TYPO3 Core
Dear TYPO3 users! It has been discovered that TYPO3 CMS is susceptible to Insecure Unserialize and Path Traversal. For details on the issues please read the accordant advisories: TYPO3-CORE-SA-2016-023: Insecure Unserialize in TYPO3 Backend https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023/ TYPO3-CORE-SA-2016-024: Path Traversal in TYPO3 Core https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024/ In general the TYPO3 Security Team recommends to read the following pages: The TYPO3 Security Guide: https://docs.typo3.org/typo3cms/SecurityGuide/ Make sure you are subscribed to the TYPO3 Announce List: http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce See all TYPO3 security advisories: https://typo3.org/teams/security/security-bulletins/ In general the TYPO3 Security Team recommends to read the following pages: The TYPO3 Security Guide: https://docs.typo3.org/typo3cms/SecurityGuide/ Make sure you are subscribed to the TYPO3 Announce List: http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce See all TYPO3 security advisories: https://typo3.org/teams/security/security-bulletins/ Regards, Helmut Hummel Member of the TYPO3 Security Team -- TYPO3 Security Team homepage: https://typo3.org/teams/security/ E-Mail: security@typo3.org