TYPO3 News & Events Hub
What’s new & what’s comin’
T3CON25 Schedule is Live
The 2025 TYPO3 Conference is only a few months away. The preliminary schedule for T3CON25 is now live on our website and will continue to be updated as talks and speakers are confirmed.
Read moreT3CON25 Programm ist live
Das vorläufige Programm der T3CON25 steht fest! Entdecken Sie drei Tage mit TYPO3 Vorträgen, Workshops, Community Day, Solution Day, Agency Day und den neuesten Informationen zu TYPO3 v14. Besuchen Sie uns im November in Düsseldorf zum Networking,...
Vote Now! Budget 2025 Ideas for Q4/2025 Have Been Published
The call for community budget ideas for the fourth quarter of 2025 was successful: Nine of nine ideas have made it to the poll. These ideas can now be discussed and TYPO3 Association members can cast their vote.
Vulnerability in bundled package in extension "Base Excel" (base_excel)
It has been discovered that the extension "Base Excel" (base_excel) bundles a vulnerable version of “phpoffice/phpspreadsheet“ which is susceptible to Server-Side Request Forgery.
Cross-Site Scripting in extension "Form to Database" (form_to_database)
It has been discovered that the extension "Form to Database" (form_to_database) is susceptible to Cross-Site Scripting.
Community Budget Report: Pinned Content Elements
Georg Ringer provides an update on his Community Budget for Q3/2025: In the third quarter of 2025, I had the opportunity to work on a new extension which improves the workflow for editors.
TYPO3 9.5.55, 10.4.54, and 11.5.48 ELTS Released
Our TYPO3 ELTS Team released new versions for TYPO3, 9.5.55, 10.4.54, and 11.5.48. As always with our ELTS maintenance releases, the main focus is to keep the instance stable and the backend running smoothly, regardless of current browsers changing...
Information Disclosure via CSV Download
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Information Disclosure in Workspaces Module
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Broken Access Control in Backend AJAX Routes
It has been discovered that TYPO3 CMS is susceptible to broken access control.
Information Disclosure via File Abstraction Layer
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Insufficient Entropy in Password Generation
It has been discovered that TYPO3 CMS is susceptible to insufficient entropy.
Denial of Service in TYPO3 Bookmark Toolbar
It has been discovered that TYPO3 CMS is susceptible to denial of service.
Open Redirect in TYPO3 CMS
It has been discovered that TYPO3 CMS is susceptible to open redirect.
TYPO3 13.4.18 and 12.4.37 security releases published
The versions 13.4.18 and 12.4.37 of the TYPO3 Enterprise Content Management System have just been released.
TYPO3 9.5.55, 10.4.54, and 11.5.48 ELTS Released
Still sticking to an older version of TYPO3? Today, 9.5.55, 10.4.54 and 11.5.48 have been released. Staying on top of maintenance updates should be a top priority - Gain peace of mind by opting for one of TYPO3 GmbH’s Extended Support offers!
This Month in TYPO3: August 2025 [Issue #28]
August saw an open call for Q4 community-budget ideas, a milestone localization update welcoming new language teams, and a heartfelt tribute to Symfony’s Ryan Weaver. It’s a month to propose bold initiatives, amplify global voices, and appreciate...
Meet the 2025 TYPO3 Awards Jury – Submit Your Projects until 15 September
It’s that time of year again! The 2025 TYPO3 Conference (25-27 November) and Awards Gala (27 November) in Düsseldorf, Germany, are just around the corner, and we’re thrilled to introduce the expert jury who will be selecting this year’s winners.
Command Injection in extension "TYPO3 Backup Plus" (ns_backup)
It has been discovered that the extension "TYPO3 Backup Plus" (ns_backup) is susceptible to Command Injection.
TYPO3 at DMEXCO 2025: Five Reasons to Be Excited
The TYPO3 team will be attending DMEXCO. Learn about the most exciting events, learning opportunities and networking taking place in Cologne and the TYPO3 booth.