It has been discovered that TYPO3 Core is vulnerable to Remote File Disclosure, Cross-Site Scripting (XSS), Privilege Escalation and Denial of Service.

More... (http://news.typo3.org/news/article/multiple-security-issues-found-in-typo3-core-one-of-them-beeing-critical/)