Tag: Security
Maintaining the “health” of your website is crucial and knowing that it is running securely is the most important question of all. Business websites need to be monitored, extended and updated on a regular basis. If you’re still running your website on an outdated TYPO3 version, gain peace of mind by opting for TYPO3 GmbH’s ELTS offer.
TYPO3-EXT-SA-2023-009: Insecure Direct Object Reference in extension "Content Consent" (content_consent)
It has been discovered that the extension "Content Consent" (content_consent) is susceptible to Insecure Direct Object Reference.
Read moreTYPO3-EXT-SA-2023-008: Broken Access Control in extension "femanager" (femanager)
It has been discovered that the extension "femanager" (femanager) is susceptible to Broken Access Control.
TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)
It has been discovered that the extension "hCaptcha for EXT:form" (hcaptcha) is susceptible to Broken Access Control.
TYPO3-EXT-SA-2023-006: Multiple vulnerabilities in extension "Canto Extension" (canto_extension)
It has been discovered that the extension "Canto Extension" (canto_extension) is susceptible to Server Side Request Forgery and Remote Code Execution.
TYPO3-EXT-SA-2023-005: SQL Injection in extension "ipandlanguageredirect" (ipandlanguageredirect)
It has been discovered that the extension "ipandlanguageredirect" (ipandlanguageredirect) is susceptible to SQL Injection.
TYPO3-EXT-SA-2023-004: Cross-Site Scripting in extension "Faceted Search" (ke_search)
It has been discovered that the extension "Faceted Search" (ke_search) is susceptible to Cross-Site Scripting.
TYPO3 ELTS 8.7 - Year Four Is Now Live
Benefit from one more year of extended support for TYPO3 8.7. Increase your ROI and stay legally compliant.
TYPO3-EXT-SA-2023-003: Cross-Site Scripting in extension "Fluid Components" (fluid_components)
It has been discovered that the extension "Fluid Components" (fluid_components) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2023-002: Persisted Cross-Site Scripting in extension "Forms Export" (frp_form_answers)
It has been discovered that the extension "Forms Export" (frp_form_answers) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2023-001: Broken Access Control in extension "femanager" (femanager)
It has been discovered that the extension "femanager" (femanager) is susceptible to Broken Access Control.