Some vulnerabilities have been reported in TYPO3, which can be
exploited by malicious people to bypass certain security restrictions,
conduct cross-site scripting and session fixation attacks, and
compromise a vulnerable system.

The "Install tool" system extension uses insufficiently random
entropy sources to generate an encryption key, resulting in weak
security.

The authentication library does not properly invalidate supplied
session tokens, which can be exploited to hijack a user's
session.
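The session-handling flaw described above (a supplied token honoured
across login) next to a hardened login path, as an added illustration;
this is example code written for this advisory, not TYPO3's own
authentication library, and the session store, method names and the
planted session id are assumptions. The fresh ids also show the
point from the "Install tool" item: secrets come from a CSPRNG, never
from time or a plain PRNG.

```python
import secrets


class SessionStore:
    """Minimal in-memory session store (constructed for this example)."""

    def __init__(self):
        self.sessions = {}  # session id -> {"user": str | None}

    def new_session(self):
        # Server-issued id from a CSPRNG (os.urandom under the hood),
        # not time()/rand()-style entropy.
        sid = secrets.token_hex(32)
        self.sessions[sid] = {"user": None}
        return sid

    def login_vulnerable(self, supplied_sid, user):
        # Flawed pattern: honour whatever id the client sent, create it if
        # unknown, and keep the same id across authentication. An id that
        # was planted in the victim's browser therefore ends up logged in.
        if supplied_sid not in self.sessions:
            self.sessions[supplied_sid] = {"user": None}
        self.sessions[supplied_sid]["user"] = user
        return supplied_sid

    def login_hardened(self, supplied_sid, user):
        # Fix: discard any pre-authentication id (issued or not) and rotate
        # to a fresh server-issued id, so a supplied token is never promoted
        # to an authenticated session.
        self.sessions.pop(supplied_sid, None)
        fresh = self.new_session()
        self.sessions[fresh]["user"] = user
        return fresh

    def user_for(self, sid):
        entry = self.sessions.get(sid)
        return entry["user"] if entry else None


def demo():
    planted = "attacker-chosen-id"  # constructed: id supplied by the client
    vuln = SessionStore()
    vuln.login_vulnerable(planted, "victim")
    safe = SessionStore()
    rotated = safe.login_hardened(planted, "victim")
    return {
        "vulnerable_supplied_id_authenticated": vuln.user_for(planted) == "victim",
        "hardened_supplied_id_authenticated": safe.user_for(planted) == "victim",
        "hardened_rotated_id": rotated != planted and safe.user_for(rotated) == "victim",
    }


if __name__ == "__main__":
    print(demo())
```

Detection hook for the same bug: a login that returns the identical session id it received is the observable symptom to test for.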
Certain unspecified input passed to the "Indexed Search Engine"
system extension is not properly sanitised before being used to invoke
commands. This can be exploited to inject and execute arbitrary shell
commands.

Input passed via the name and content of files to the "Indexed Search
Engine" system extension is not properly sanitised before being returned
to the user. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in the context of an affected site.

Certain unspecified input passed to the Workspace module is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in the context of an affected site.

Note: It is also reported that certain unspecified input passed to
test scripts of the "ADOdb" system extension is not properly sanitised
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in the
context of an affected site.