Tag: Security
Maintaining the “health” of your website is crucial and knowing that it is running securely is the most important question of all. Business websites need to be monitored, extended and updated on a regular basis. If you’re still running your website on an outdated TYPO3 version, gain peace of mind by opting for TYPO3 GmbH’s ELTS offer.
TYPO3-EXT-SA-2021-009: Denial of Service in Extension "Deferred image processing" (deferred_image_processing)
It has been discovered that the extension "Deferred image processing" (deferred_image_processing) is susceptible to Denial of Service.
Read moreTYPO3-EXT-SA-2021-008: Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)
It has been discovered that the extension “Extbase Yaml Routes” (routes) is susceptible to Sensitive Information Disclosure.
TYPO3 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 security releases published
The versions 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 of the TYPO3 Enterprise Content Management System have just been released.
TYPO3-EXT-SA-2021-007: Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)
It has been discovered that the extension "Bootstrap Package" (bootstrap_package) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2021-006: Server-side request forgery in extension "Yoast SEO for TYPO3" (yoast_seo)
It has been discovered that the extension "Yoast SEO for TYPO3" (yoast_seo) is susceptible to Server-side request forgery (SSRF).
TYPO3-EXT-SA-2021-005: SQL Injection in extension "Dynamic Content Element" (dce)
It has been discovered that the extension "Dynamic Content Element" (dce) is susceptible to SQL Injection.
TYPO3-EXT-SA-2021-004: Cross-Site Scripting in extension "2 Clicks for External Media" (media2click)
It has been discovered that the extension "2 Clicks for External Media" (media2click) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2021-003: Cross-Site Scripting in extension "Aimeos shop and e-commerce framework" (aimeos)
It has been discovered that the extension"Aimeos shop and e-commerce framework" (aimeos) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2021-002: Denial of Service in extension "Code Highlight" (codehighlight)
It has been discovered that the extension "Code Highlight" (codehighlight) is susceptible to Denial of Service.
TYPO3-EXT-SA-2021-001: SQL Injection in extension "VHS: Fluid ViewHelpers" (vhs)
It has been discovered that the extension "VHS: Fluid ViewHelpers" (vhs) is susceptible to SQL Injection.