Security Bulletin TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)

By: Henning Pingel

It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.

Please read the entire security bulletin here:

Security Bulletin TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)

We also recommend that you subscribe to the TYPO3 Announce List to receive all future Security bulletins and other important TYPO3 news.

 

---