TYPO3-SECURITY-BULLETIN-TYPO3-20070221-1-EMAIL-HEADER-INJECTION: TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection

Categories: Security Created by Lars Houmark
A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.

Please read the entire security bulletin here:

TYPO3 Security Bulletin 20070221-1: Email header injection

We also recommend that you subscribe to the TYPO3 Announce List, which is a low-traffic list, where only important announces like this one is being brought.