TYPO3 News & Events Hub
What’s new & what’s comin’
TYPO3-CORE-SA-2015-003: Frontend login Session Fixation
It has been discovered that TYPO3 is susceptible to session fixation.
Read moreTYPO3-CORE-SA-2015-004: Cross-Site Scripting in Link Handling & File List
It has been discovered, that TYPO3 is vulnerable to Cross-Site Scripting.
TYPO3-CORE-SA-2015-005: Information Disclosure possibility exploitable by Editors
It has been discovered, that editors could list all files and folders in the root directory of a TYPO3 installation.
TYPO3-CORE-SA-2015-006: Brute Force Protection Bypass in backend login
It has been discovered, that the backend login brute force protection can be bypassed
TYPO3-CORE-SA-2015-007: Cross-Site Scripting in 3rd party library Flowplayer
It has been discovered, that third party component Flowplayer Flash is vulnerable to cross-site scripting.
TYPO3-EXT-SA-2015-015: Cross-Site Scripting in extension "404 Page not found handling" (pagenotfoundhandling)
It has been discovered that the extension "404 Page not found handling" (pagenotfoundhandling) is susceptible to Cross-Site Scripting
This Week in TYPO3 (2015, Week 25)
Neos splits of from the TYPO3 community, release of TYPO3 CMS 7.3, new TYPO3 Agency meetups and events: T3CON15 and T3CON15ASIA
#T3THX – The behind the scene of being a TYPO3 Association Member
With the aim of saying thank you to them, as well as to hear what they would thank the TYPO3 Association for, we asked our Platinum Members to tell us about their experience as crucial supporting part of the TYPO3 Association (T3A).
Member Poll regarding the Neos split
Information about the upcoming poll for members of the TYPO3 Association.
TYPO3-EXT-SA-2015-014: SQL Injection in extension "Akronymmanager" (sb_akronymmanager)
It has been discovered that the extension "Akronymmanager" (sb_akronymmanager) is susceptible to SQL Injection