TYPO3 News & Events Hub
What’s New & What’s Coming
Congratulations to the first "TYPO3 Certified Integrators" - new exams available
Till end of 2008 we have 48 "TYPO3 Certified Integrators" worldwide. The certification committee congratulates them for their success!
Read moreDAM 1.1.0 has been released
The DAM development team is proud to announce the release of version 1.1.0 of Digital Asset Management (DAM), the bugfix Release after "The Big Sleep".
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS: Security issues in several third party TYPO3 extensions
Security vulnerabilities have been discovered in the following third party TYPO3 extensions: "phpMyAdmin" (phpmyadmin), "DR Wiki - Typo3 Wiki extension" (dr_wiki), "WEC Discussion Forum" (wec_discussion), "Vox populi" (mv_vox_populi), "SB Universal Plugin" (SBuniplug), "Simple File Browser" (simplefilebrowser), "TU-Clausthal ODIN" (tuc_odin), "TU-Clausthal Staff" (tuc_staff), "WEBERkommunal Facilities" (wes_facilities).
TYPO3-20081222-4: TYPO3 Security Bulletin
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Vox populi" (mv_vox_populi), "SB Universal Plugin" (SBuniplug), "Simple File Browser" (simplefilebrowser), "TU-Clausthal ODIN" (tuc_odin), "TU-Clausthal Staff" (tuc_staff), "WEBERkommunal Facilities" (wes_facilities)
TYPO3-20081222-3: TYPO3 Security Bulletin
It has been discovered that the extension DR Wiki - Typo3 Wiki extension (dr_wiki) is vulnerable to Cross-Site Scripting (XSS).
TYPO3-20081222-2: TYPO3 Security Bulletin
It has been discovered that the extension WEC Discussion Forum (wec_discussion) is vulnerable to Cross-Site Scripting (XSS) and SQL injection.
TYPO3-20081222-1: TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to SQL injections via XSRF.
