Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.
For the stable distribution (lenny), these problems have been fixed in version 4.2.5-1+lenny3.
For the upcoming stable distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 4.3.2-1.
We recommend that you upgrade your typo3-src package.