TYPO3 News & Events Hub
What’s new & what’s comin’
TYPO3 CMS 6.2.26, 7.6.10 and 8.2.1 released
The TYPO3 Community announces the versions 6.2.26 LTS, 7.6.10 LTS and 8.2.1 of the TYPO3 Enterprise Content Management System.
Read moreTYPO3-CORE-SA-2016-020: Cross-Site Scripting in third party library mso/idna-convert
It has been discovered, that TYPO3 ships example code of mso/idna-convert library that is vulnerable to Cross-Site Scripting
TYPO3-CORE-SA-2016-019: Environment Variable Injection
It has been discovered, that PHP exposes the risk of Environment Variable Injection and TYPO3 is vulnerable through third party library guzzlehttp/guzzle
TYPO3-CORE-SA-2016-018: Cross-Site Scripting vulnerability in typolinks
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3-CORE-SA-2016-017: Information Disclosure in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Information Disclosure.
TYPO3-CORE-SA-2016-016: SQL Injection in TYPO3 Frontend Login
It has been discovered, that TYPO3 is susceptible to SQL Injection.
TYPO3-CORE-SA-2016-015: Insecure Unserialize in TYPO3 Import/Export
It has been discovered, that TYPO3 is susceptible to Insecure Unserialize.
TYPO3-CORE-SA-2016-014: Cross-Site Scripting in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2016-020: Insecure Unserialize in extension "Page path" (pagepath)
It has been discovered that the extension "Page path" (pagepath) is susceptible to Insecure Unserialize.
TYPO3-EXT-SA-2016-019: Cross-Site Scripting in extension "CCDebug" (cc_debug)
It has been discovered that the extension "CCDebug" (cc_debug) is susceptible to Cross-Site Scripting.