Tag: Development
TYPO3-EXT-SA-2025-012: Cross-Site Scripting in extension "Form to Database" (form_to_database)
It has been discovered that the extension "Form to Database" (form_to_database) is susceptible to Cross-Site Scripting.
Read moreTYPO3-CORE-SA-2025-023: Information Disclosure via CSV Download
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
TYPO3-CORE-SA-2025-022: Information Disclosure in Workspaces Module
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
TYPO3-CORE-SA-2025-021: Broken Access Control in Backend AJAX Routes
It has been discovered that TYPO3 CMS is susceptible to broken access control.
TYPO3-CORE-SA-2025-020: Information Disclosure via File Abstraction Layer
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
TYPO3-CORE-SA-2025-019: Insufficient Entropy in Password Generation
It has been discovered that TYPO3 CMS is susceptible to insufficient entropy.
TYPO3-CORE-SA-2025-018: Denial of Service in TYPO3 Bookmark Toolbar
It has been discovered that TYPO3 CMS is susceptible to denial of service.
TYPO3-CORE-SA-2025-017: Open Redirect in TYPO3 CMS
It has been discovered that TYPO3 CMS is susceptible to open redirect.
TYPO3 13.4.18 and 12.4.37 security releases published
The versions 13.4.18 and 12.4.37 of the TYPO3 Enterprise Content Management System have just been released.
TYPO3-EXT-SA-2025-011: Command Injection in extension "TYPO3 Backup Plus" (ns_backup)
It has been discovered that the extension "TYPO3 Backup Plus" (ns_backup) is susceptible to Command Injection.