TYPO3 News & Events Hub

What’s New & What’s Coming

HTMLArea 1.0.0

Stanislas Roland has recently released version 1.0.0 of his Rich Text Editor extension. Originally based on HTMLarea, Stanislas has added several new features and improvements. While TYPO3's default RTE only works with Intern

T3N Magazine 02/2005

The latest issue of the German-language T3N Magazine (02/2005) can now be ordered. The reader can expect a wide spectrum of interesting articles about TYPO3 and other open source technologies.

Announcing the News Team

Today, the official News Team for TYPO3 has begun work on their project. Their goal is to collect and provide relevant, up-to-date news about TYPO3. The last few days have seen a restructuring of news.typo3.org,

TYPO3 3.8.1 released

TYPO3 version 3.8.1 is ready for download. This is a maintenance release of the 3.8 branch and fixes a few security-related issues. For further information about the changes in 3.8.1, please also check out the article below.

TYPO3 Security Bulletin

Situations are imaginable where sensitive information gets stored in the fileadmin/_temp_/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information.

TYPO3 Security Bulletin

Under special circumstances, setting config.baseURL (see typo3.org/documentation/document-library/doc_core_tsref/quot_CONFIG_quot/ ) to a numeric value ("1") could be used to spoof a malicious baseURL into your TYPO3 cache. It has now been decided...

TYPO3 Security Bulletin

For convenience, the TYPO3 Install Tool provides a button that sets the "encryptionKey" to a random value. It has been observed that only parts of the generated value are actually random. The overall key is therefore unique and, as of today, considered...

TYPO3 Security Bulletin

In the past, a "Shift Reload" from the browser (AKA a GET request with the "no-cache" pragma set) cleared the TYPO3 cache of the requested page. This may be considered a potential target for Denial of Service attacks.

TYPO3 Security Bulletin

Various security issues have been reported for PhpMyAdmin (see www.securityfocus.com/bid/15196 for details).

TYPO3 Security Bulletin

The file editor functionality in the TYPO3 Install Tool (menu option "Edit files in typo3conf/") has an option that reads "Make backup copy". If set, this will create a backup copy and append a "~" to the original file name. This leads to file names...

th_mailformplus

A weakness in the form validation of th_mailformplus has been discovered that may be abused to inject additional recipients in mail forms.

chc_forum

A bug has been discovered in the "CHC Forum" (chc_forum) extension where some JavaScript expressions are not properly caught when entered in forms. Thus, specially crafted entries may be used to inject malicious code.

Scalable Inman Flash Replacement

TYPO3 implementation of Scalable Inman Flash Replacement, a method to insert rich typography into web pages without sacrificing accessibility, search engine friendliness, or markup semantics. In an email interview I recently had with Maximo...

Acronym Manager

Making a Web site accessible can be simple or complex, depending on many factors such as the type of content, the size and complexity of the site, and the development tools and environment. One common problem is to mark abbreviations, acronyms an...

CSS styled IMGTEXT - Part3

I just released version 0.4.0 of CSS Styled Image Text. For those who don't know yet, this is a working CSS-based implementation of the "Text with Image" and "Image" content types (from tt_content).

Security Bulletin TYPO3-20051010-1: fe_news

A bug has been discovered in the "Front End News Submitter" (fe_news) where SQL injection is not safely prevented. fe_rtenews is affected as well.