TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
TYPO3-SA-2009-020: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List (xds_staff), Document Directorys (danp_documentdirs), Random Prayer Version 2 (ste_prayer2), Diocese of Portsmouth Resources Database (pd_resources), Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery), Parish Administration Database (ste_parish_admin), Diocese of Portsmouth Calendar (pd_calendar), Flash SlideShow (slideshow), Subscription (mf_subscription), No indexed Search (no_indexed_search), Job Exchange (jobexchange), Training Company Database (trainincdb), ZID Linkliste (zid_linklist), vShoutbox (vshoutbox), Frontend news submitter with RTE (fe_rtenews)
Mehr erfahrenSECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CAR-ABA-WATCHDOG-DR-BLOB-NL-LISTMAN-XDS-STAFF-DANP-DOCUMENTDIRS-STE-PRAYER2-PD-RESOURCES-HS-RELIGIOUSARTGALLERY-STE-PARISH-ADMIN-PD-CALENDAR: Security issues in several third party TYPO3 extensions including car, aba_watchdog, dr_blob, nl_listman, xds_staff, danp_documentdirs, ste_prayer2, pd_resources, hs_religiousartgallery, ste_parish_admin, pd_calendar
Security vulnerabilities have been discovered in following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List (xds_staff), Document Directorys (danp_documentdirs), Random Prayer Version 2 (ste_prayer2), Diocese of Portsmouth Resources Database (pd_resources), Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery), Parish Administration Database (ste_parish_admin), Diocese of Portsmouth Calendar (pd_calendar), Flash SlideShow (slideshow), Subscription (mf_subscription), No indexed Search (no_indexed_search), Job Exchange (jobexchange), Training Company Database (trainincdb), ZID Linkliste (zid_linklist), vShoutbox (vshoutbox), Frontend news submitter with RTE (fe_rtenews)
Series of English Video Tutorials for Editors Completed
The videos section now offers the complete video series featuring the current TYPO3 version in English as well.
TYPO3 snippets online (again)!
Add your snippets! Get your snippets!
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CAL-DIRECT-MAIL-AN-SEARCHIT-KK-DOWNLOADER-LT-BASETAG-MCHTRIPS-SIMPLE-GLOSSAR-TW-PRODUCTFINDER-WFQBE: Security issues in several third party TYPO3 extensions including cal, direct_mail, an_searchit, kk_downloader, lt_basetag, mchtrips, simple_glossar, tw_productfinder, wfqbe
Security vulnerabilities have been discovered in following third party TYPO3 extensions: "Calendar Base" (cal), "Direct Mail" (direct_mail), "[AN] Search it!" (an_searchit), "Simple download-system with counter and categories" (kk_downloader), "Automatic Base Tags for RealUrl" (lt_basetag), "Trips" (mchtrips), "simple Glossar" (simple_glossar), "TW Productfinder" (tw_productfinder), "DB Integration" (wfqbe)
TYPO3-SA-2009-019: Blind SQL Injection vulnerability in extension Calendar Base (cal)
It has been discovered that the extension Calendar Base (cal) is vulnerable to Blind SQL Injection.
TYPO3-SA-2009-018: Cross-Site Scripting vulnerability in extension Direct Mail (direct_mail)
It has been discovered that the extension Direct Mail (direct_mail) is vulnerable to XSS.
TYPO3-SA-2009-017: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: [AN] Search it! (an_searchit), Simple download-system with counter and categories (kk_downloader), Automatic Base Tags for RealUrl (lt_basetag), Trips (mchtrips), simple Glossar (simple_glossar), TW Productfinder (tw_productfinder), DB Integration (wfqbe)
TYPO3 Version 4.3 Released: Frontend Editing and a Promising Future
BAAR, 2009-11-30 Today the TYPO3 Association released the newest version of their outstandingly successful Open Source project TYPO3. TYPO3 has been downloaded over 4.1 million times - making it one of the world's leading Enterprise Open Source projects. The latest TYPO3 version 4.3 comes packed with numerous brand new features and improvements. Highlights include the completely new Frontend editing module and the integration of Extbase and Fluid. Additionally, TYPO3's already excellent security features have been improved even further.
TYPO3 4.3 RC 2
The TYPO3 Core Team is proud to announce the second Release Candidate of TYPO3 version 4.3. This version fixes the important issues discovered after TYPO3 4.3-RC1.