It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Information Disclosure, Authentication Delay Bypass, Unserialize() vulnerability, Missing Access Control.
Please read this advisory for a description and solutions of all the above mentioned issues:
TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple vulnerabilities in TYPO3 Core
We also recommend that you subscribe to the TYPO3 Announce List to receive all future Security Bulletins and other important TYPO3 news.