Security Advisories
All Advisories
TYPO3-EXT-SA-2016-014: Information Disclosure in extension "Questionnaire" (ke_questionnaire)
It has been discovered that the extension "Questionnaire" (ke_questionnaire) is susceptible to Information Disclosure.
TYPO3-EXT-SA-2016-013: SQL Injection in extension "Browser - TYPO3 without PHP" (browser)
It has been discovered that the extension "Browser - TYPO3 without PHP" (browser) is susceptible to SQL Injection.
TYPO3-EXT-SA-2016-012: Path Traversal in extension "Media management" (media)
It has been discovered that the extension "Media management" (media) is susceptible to Path Traversal.
TYPO3-EXT-SA-2016-011: Cross-Site Scripting in extension "Formhandler" (formhandler)
It has been discovered that the extension "Formhandler" (formhandler) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2016-010: Missing Access Check in extension "Frontend User Registration" (sf_register)
It has been discovered that the extension "Frontend User Registration" (sf_register) lacks a proper access check.
TYPO3-CORE-SA-2016-013: Missing Access Check in TYPO3 CMS
It has been discovered that TYPO3 CMS lacks an access check for Extbase actions.
TYPO3-PSA-2016-002: Important Security-Bulletin Pre-Announcement
TYPO3 releases containing a fix for a critical vulnerability will be published Tuesday 24th of May at about 10:00 a.m. CEST (08:00 a.m. GMT).
TYPO3-PSA-2016-001: Critical vulnerabilities in ImageMagick
Multiple vulnerabilities in ImageMagick have been discovered, Remote Code Execution being one of them.
TYPO3-CORE-SA-2016-012: Privilege Escalation in TYPO3 CMS
It has been discovered that TYPO3 CMS is vulnerable to Privilege Escalation.
TYPO3-CORE-SA-2016-011: Authentication Bypass in TYPO3 CMS
It has been discovered that TYPO3 CMS is vulnerable to Authentication Bypass.