It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Open Redirection, SQL Injection, Broken Authentication and Session Management, Insecure Randomness, Information...

More... (http://News.typo3.org/news/article/multiple-security-issues-found-in-typo3-core-2/)