TYPO3 News & Events Hub
What’s New & What’s Coming
Authentication Bypass in TYPO3 CMS
It has been discovered, that TYPO3 CMS is vulnerable to Authentication Bypass.
Read moreArbitrary File Disclosure in Form Component
It has been discovered, that TYPO3 Form Component is susceptible to Arbitrary File Disclosure.
Cross-Site Scripting in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
Results of the TYPO3 Association Elections 2016
The TYPO3 Association (T3A) communicates the results of the 2016 elections for the Expert Advisory Board (EAB) and Business Control Committee (BCC). The TYPO3 Association gladly welcomes the new members and thanks the leaving ones for their...
Explanation of the T3A 2016 budget
Last month, we sent out the budget agreements for 2016 and in this article we are going to explain how the budgets have been assigned for 2016 and the motivations for the decisions we made. Introduction A few months ago we announced the process for...
TYPO3 founds independent service company
The TYPO3 Association is establishing an independent service company that will provide its members with support services and attend to the technological development of the CMS system in the future. The resolution to found the company was passed...
Report on the Server Admin Team sprint in Stuttgart (March 2016)
The first sprint of the TYPO3 Server Admin Team in 2016 took place during the weekend of March 18-20 in Stuttgart.
What you should know about the General Assembly 2016
At the 6th of April the GA will decide on the concept of TYPO3 Inc.
Multiple vulnerabilities in extension "Ajax mail subscription" (ods_ajaxmailsubscription)
It has been discovered that the extension "Ajax mail subscription" (ods_ajaxmailsubscription) is susceptible to Insecure Authentication and Session Handling.
TYPO3 Inc. Draft Business Plan - Public feedback needed!
I just come from hosting a webinar regarding the TYPO3 Inc. plans that are up for voting on the GA. Mathias Schreiber and myself presented the core business model, organization as well as financial plannind and funding to over 80 attendees from all...
TYPO3 v8.0 - Start Your Engines
Today, the TYPO3 community published the first sprint release of the v8 series of TYPO3, the enterprise content management.
This Week in TYPO3 (2016, week 9)
This Week: International TYPO3camps Venlo and Vienna coming up, Extbase & Fluid Second edition in English. Entering the final stage of the TYPO3 Inc. and kicking of version 8.
Codesprint: Waalwijk and Venlo Camp make for a great week in april
Join the code sprint in Waalwijk and share your experience at the TYPO3camp Venlo afterwards.
Report on codesprint Karlsruhe 3.3-6.3.16
Another codesprint took place, preparing for the first release of the v8 series.
Upcoming elections in the TYPO3 Association 2016
Official positions in the TYPO3 Association have a tenure of office of 2 years. Each year half of the positions are newly elected. In 2016 the following positions are up for election:
SQL Injection in extension "Another simple gallery" (chgallery)
It has been discovered that the extension "Another simple gallery" (chgallery) is susceptible to SQL Injection.
Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension "phpMyAdmin" (phpmyadmin) is susceptible to unsafe comparison of XSRF/CSRF token, multiple full path disclosure vulnerabilities, multiple XSS vulnerabilities, insecure password generation in JavaScript.
Entering the final stage of the TYPO3 Inc. preparation - we need you!
The TYPO3 Inc. preparation group is coming to the final stage of its work. During the past months we held countless meetings and discussion in order to find out what would be a viable way to start up the TYPO3 Inc.
Discontinuation of the Subversion Service at svn.typo3.org
Five years after the move of TYPO3 CMS to Git, the Subversion server svn.typo3.org will be shut down on May 1st, 2016.
Kicking off TYPO3 v8 Development
The TYPO3 core team is officially starting the next development cycle. Sprint releases every 8-10 weeks along the way until TYPO3 8 LTS (Long Term Support) in April 2017 will ensure that new projects can possibly be set up with v8 already. A smooth...