Critical security vulnerability closed
A security issue rated as critical was fixed with versions 10.4.36 LTS, 11.5.23 LTS.
As announced in the message "TYPO3-CORE-SA-2023-001: Persisted Cross-Site Scripting in Frontend Rendering", it was possible to inject malicious code on affected pages by exploiting a security vulnerability (so-called cross-site scripting).
Customers who use our TYPO3 update service have received this version automatically and do not have to worry about the security of their websites.
We recommend all users who run TYPO3 websites to keep their system up to date. If you have any questions or need advice, please contact us.