TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
TYPO3-20070221-1: Email header injection
A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.
Mehr erfahrenTYPO3-SECURITY-BULLETIN-TYPO3-20070221-1-EMAIL-HEADER-INJECTION: TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection
A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.
T3N Magazin - New english articles
Once again, we present to you three freshly translated articles from the current issue of the T3N magazine.
TYPO3 4.1 Release Candidate 1
The core team is proud to announce the first Release Candidate of TYPO3 4.1. The 4.1 development is now feature frozen so only bugfixes will be added until the final release.
TYPO3-20070919-1: Multiple vulnerabilities in extension mm_forum
It has been discovered that the extension mm_forum is vulnerable to multiple SQL Injection attacks and multiple XSS flaws alongside other vulnerabilities.
TYPO3-20070124-1: Tip-a-friend - Header Injection
A header injection problem has been found in the extension tipafriend
TYPO3 4.1 Beta 3
The core team is proud to announce the third and last Beta of TYPO3 version 4.1.
TYPO3 4.1 Beta 2
4.1 Beta 2 was already released together with the Security Bulletin last Wednesday. However, back then we didn't write a proper announcement of the changes between Beta 1 and Beta 2, so here it is.
TYPO3-SECURITY-BULLETIN-TYPO3-20061220-1-REMOTE-COMMAND-EXECUTION-IN-TYPO3: TYPO3 Security Bulletin TYPO3-20061220-1: Remote Command Execution in TYPO3
TYPO3-20061220-1: Remote Command Execution
A critical problem has been discovered in plugin class.tx_rtehtmlarea_pi1.php that is used for spell-checking in the rtehtmlarea extension.