It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and Remote Command Execution.
Please read this bulletin for a description and solutions on all the above mentioned issues: