Tag: Security
Maintaining the “health” of your website is crucial and knowing that it is running securely is the most important question of all. Business websites need to be monitored, extended and updated on a regular basis. If you’re still running your website on an outdated TYPO3 version, gain peace of mind by opting for TYPO3 GmbH’s ELTS offer.
TYPO3-CORE-SA-2021-015: HTTP Host Header Injection in Request Handling
It has been discovered that TYPO3 CMS is vulnerable to HTTP header injection.
Read moreTYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling
It has been discovered that TYPO3 CMS is vulnerable to cross-site-request-forgery.
ELTS is now available for TYPO3 version 9.5!
Extended Long Term Support for TYPO3 version 9.5 officially started today. ELTS offers up to three more years of security, compliance, and compatibility and will be available until October 2024.
Extended Long Term Support for TYPO3 9.5 - Pre-Order Now Available
Extended Long Term Support for TYPO3 version 9.5 is now available for pre order and will officially start on October 1, 2021.
Extended ELTS for TYPO3 7.6 - it’s happening!
Extended ELTS 7.6 has been released, as the ELTS 7.6 expires in November 2021. In case you’re not ready to upgrade, feel free to renew your ELTS for one more year.
TYPO3-EXT-SA-2021-014: SQL Injection in extension "Newsletter" (newsletter)
It has been discovered that the extension"Newsletter" (newsletter) is susceptible to SQL Injection.
TYPO3-EXT-SA-2021-013: Multiple vulnerabilities in Extension "Dated News" (dated_news)
It has been discovered that the extension"Dated News" (dated_news) is susceptible to SQL Injection, Cross-Site Scripting, Information Disclosure and Broken Access Control.
TYPO3-EXT-SA-2021-012: Cross Site Scripting in Extension "Yoast SEO for TYPO3" (yoast_seo)
It has been discovered that the extension "Yoast SEO for TYPO3" (yoast_seo) is susceptible to Cross Site Scripting.
TYPO3-EXT-SA-2021-011: Multiple vulnerabilities in Extension "Miniorange Saml" (miniorange_saml)
It has been discovered that the extension "Miniorange Saml" (miniorange_saml) is susceptible to Cross-Site Scripting, Sensitive Data Exposure and vulnerable 3rd Party Components.
TYPO3-EXT-SA-2021-010: Cross-Site Scripting in Extension "femanager" (femanager)
It has been discovered that the extension "femanager" (femanager) is susceptible to Cross-Site Scripting.