TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword

By: Lars Houmark

It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.

Please read the entire security bulletin here:

TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword

We also recommend that you subscribe to the TYPO3 Announce List, which is a low-traffic list, where only important announces like this one is being brought.

---