TYPO3 News & Events Hub
What’s New & What’s Coming
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Event Manager (eventmanagement), Game Article DB (game_articledb), Simple career (ml_career), Surprise Calendar (ml_surprisecalendar), Search Api Ajax Google...
Read moreMultiple vulnerabilities in extension T3BLOG (t3blog)
It has been discovered that the extension T3BLOG (t3blog) is vulnerable to SQL Injection and Cross–Site Scripting.
FLOW3 1.0.0 alpha 7 released
The FLOW3 core team is delighted to announce the release of the seventh alpha release of FLOW3.
Security issue found in TYPO3 core
It has been discovered that using the openid system extension in TYPO3 4.3.0 can lead to an authentication bypass under certain circumstances.
TYPO3 4.3.1 released
The TYPO3 Core Team announces version 4.3.1 of the TYPO3 Enterprise Content Management System.
TYPO3 4.2.11 released
The TYPO3 Core Team announces version 4.2.11 of the TYPO3 Enterprise Content Management System.
Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to authentication bypass.
Security issues in several third party TYPO3 extensions
Security vulnerabilities have been discovered in following third party TYPO3 extensions: MK-AnydropdownMenu (mk_anydropdownmenu), Photo Book (goof_fotoboek), SB Folderdownload (sb_folderdownload), Developer log (devlog), KJ: Imagelightbox...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: MK-AnydropdownMenu (mk_anydropdownmenu), Photo Book (goof_fotoboek), SB Folderdownload (sb_folderdownload), Developer log (devlog), KJ: Imagelightbox...
We invite you to T3CON10-Dallas
We invite you to T3CON10-Dallas, the 2nd annual North American TYPO3 conference on May 20-22nd. This will be a great time to learn more about the powerful system we use everyday and to connect with other developers and TYPO3 users from both North...
First T3SKI event held in Japan: 9 - 11 January 2010
Three Members of the TYPO3 Users Group in Japan (TUGJ) organize T3SKI10 in the Japanese Alps.
On the Road to TYPO3 v4.4 - Status Report #1
Every couple of weeks, I want to give you a quick status update on how development is progressing with the next TYPO3 v4 release. Here is the first update!
Steering Committee Strategical Meeting
The Steering Committee met in Hamburg on the 4th of December at Bitfarmers for a Strategical Meeting. Oliver Hader (new core team leader) and Benni Mack (new release manager) have been invited to the meeting to participate. The structure of the...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List (xds_staff), Document Directorys (danp_documentdirs), Random...
Security issues in several third party TYPO3 extensions including car, aba_watchdog, dr_blob, nl_listman, xds_staff, danp_documentdirs, ste_prayer2, pd_resources, hs_religiousartgallery, ste_parish_admin, pd_calendar
Security vulnerabilities have been discovered in following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List (xds_staff), Document Directorys (danp_documentdirs), Random...
Series of English Video Tutorials for Editors Completed
The videos section now offers the complete video series featuring the current TYPO3 version in English as well.
TYPO3 snippets online (again)!
Add your snippets! Get your snippets!
Security issues in several third party TYPO3 extensions including cal, direct_mail, an_searchit, kk_downloader, lt_basetag, mchtrips, simple_glossar, tw_productfinder, wfqbe
Security vulnerabilities have been discovered in following third party TYPO3 extensions: "Calendar Base" (cal), "Direct Mail" (direct_mail), "[AN] Search it!" (an_searchit), "Simple download-system with counter and categories" (kk_downloader),...
Blind SQL Injection vulnerability in extension Calendar Base (cal)
It has been discovered that the extension Calendar Base (cal) is vulnerable to Blind SQL Injection.
Cross-Site Scripting vulnerability in extension Direct Mail (direct_mail)
It has been discovered that the extension Direct Mail (direct_mail) is vulnerable to XSS.