TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
TYPO3-EXT-SA-2016-004: Multiple vulnerabilities in extension "Fe user statistic" (festat)
It has been discovered that the extension "Fe user statistic" (festat) is susceptible to Cross-Site Scripting, Insecure Unserialize and Information Disclosure.
Mehr erfahrenTYPO3-EXT-SA-2016-003: Cross-Site Scripting in extension "Google Sitemap" (enter_new_weeaar_googlesitemap)
It has been discovered that the extension "Google Sitemap" (enter_new_weeaar_googlesitemap) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2016-002: Cross-Site Scripting in extension "List frontend users" (listfeusers)
It has been discovered that the extension "List frontend users" (listfeusers) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2016-001: Information Disclosure in extension "UTOPIA" (ics_utopia)
It has been discovered that the extension "UTOPIA" (ics_utopia) is susceptible to Information Disclosure.
Farewell Carsten
Thursday, 25th of February 2016, Carsten Bleicker passed away
TYPO3-CORE-SA-2016-008: Denial of Service attack possibility in TYPO3 component Indexed Search
It has been discovered, that TYPO3 is susceptible to a Denial of Service attack.
TYPO3-CORE-SA-2016-007: Cross-Site Scripting in TYPO3 component CSS styled content
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3-CORE-SA-2016-006: Cross-Site Scripting in TYPO3 component Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3-CORE-SA-2016-005: XML External Entity (XXE) Processing in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to XML External Entity Processing
TYPO3 CMS 6.2.19 and 7.6.4 released
The TYPO3 Community announces the versions 6.2.19 LTS and 7.6.4 LTS of the TYPO3 Enterprise Content Management System.