TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
June diary of the TYPO3 Association
During the month of June TYPO3 has been visiting Madrid, while its community was involved in voting on the Neos budget and on exchanging thank you notes.
Mehr erfahrenT3BOARD 2016: the planning is on.
A message to the TYPO3 snowboarders and skiers from the organizers of T3BOARD16.
This Week in TYPO3 (2015, Week 26)
This Week we have TYPO3camp Berlin, T3Rookies Summercamp in Romania, codesprint in France and Roar: Docs! Docs! Docs!
TYPO3 CMS 6.2.14 and 7.3.1 released
The TYPO3 Community announces the versions 6.2.14 LTS and 7.0.2 of the TYPO3 Enterprise Content Management System.
TYPO3-CORE-SA-2015-002: Access bypass when editing file metadata
It has been discovered, that editors could change, create or delete metadata of files without permission.
TYPO3-CORE-SA-2015-003: Frontend login Session Fixation
It has been discovered that TYPO3 is susceptible to session fixation.
TYPO3-CORE-SA-2015-004: Cross-Site Scripting in Link Handling & File List
It has been discovered, that TYPO3 is vulnerable to Cross-Site Scripting.
TYPO3-CORE-SA-2015-005: Information Disclosure possibility exploitable by Editors
It has been discovered, that editors could list all files and folders in the root directory of a TYPO3 installation.
TYPO3-CORE-SA-2015-006: Brute Force Protection Bypass in backend login
It has been discovered, that the backend login brute force protection can be bypassed
TYPO3-CORE-SA-2015-007: Cross-Site Scripting in 3rd party library Flowplayer
It has been discovered, that third party component Flowplayer Flash is vulnerable to cross-site scripting.