A critical security vulnerability has been disclosed in the content management system Typo3. All operators of Typo3 websites should take immediate action.
The Problem
The vulnerability affects the Typo3 core and allows attackers to execute code on the server through manipulated requests. The vulnerability is already being actively exploited.
Affected Versions
Multiple Typo3 versions are affected. Patched versions are available for download on the Typo3 website.
What You Should Do
- Update immediately: Download and install the patched version
- Check extensions: Make sure all installed extensions are also up to date
- Check logs: Review your server logs for suspicious access attempts
- Create a backup: Make a complete backup before updating
Managed Server Customers
If Typo3 is installed on your managed server, we have already informed you about the necessary steps. For questions, contact info@ingate.de.
