Security Bulletin TYPO3-20051010-1: fe_news

By: Ekkehard Gümbel

A bug has been discovered in the "Front End News Submitter" (fe_news) where SQL injection is not safely prevented. fe_rtenews is affected as well.

A fix is available for fe_rtenews, while fe_news has been removed from the TER.

Please see the complete Bulletin for details.