A critical security issue has been found in the Extbase component of the Typo3 CMS system. A bugfix has been released by the Typo3 maintainers. The Typo3 versions that contain the bugfix are: 6.2.24, 7.6.8 8.1.1.

Use the ISPProtect Malware scanner to find outdated Typo3 installations on your hosting server. ISPProtect reports outdated Typo3 versions in the outdated CMS version report.

Read the security bulletin at typo3.org for details on the issue and instructions to fix it: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/

Typo3 – Critical security issue