Security Advisories

• TYPO3 Extensions

TYPO3-EXT-SA-2017-012: Arbitrary File Disclosure in extension "restler" (restler)

• Torben Hansen

07 November 2017

It has been discovered that the extension "restler" (restler) is susceptible to Arbitrary File Disclosure.

Mehr erfahren

• TYPO3 Extensions

TYPO3-EXT-SA-2017-011: Cross Site-Scripting in extension "Formhandler" (formhandler)

• Torben Hansen

07 November 2017

It has been discovered that the extension "Formhandler" (formhandler) is susceptible to Cross-Site Scripting.

• TYPO3 Extensions

TYPO3-EXT-SA-2017-010: Cross Site-Scripting in extension "Recommend page " (pb_recommend_page)

• Torben Hansen

07 November 2017

It has been discovered that the extension "Recommend page " (pb_recommend_page) is susceptible to Cross-Site Scripting.

• TYPO3 Extensions

TYPO3-EXT-SA-2017-009: Cross Site-Scripting in extension "T3Blog Extbase" (t3extblog)

• Torben Hansen

07 November 2017

It has been discovered that the extension "T3Blog Extbase" (t3extblog) is susceptible to Cross-Site Scripting.

• TYPO3 Extensions

TYPO3-EXT-SA-2017-008: Multiple vulnerabilities in extension "File manager" (ameos_filemanager)

• Torben Hansen

07 November 2017

It has been discovered that the extension "File manager" (ameos_filemanager) is susceptible to Remote Code Execution, SQL Injection and Information Disclosure.

• Public Service Announcement

TYPO3-PSA-2017-001: Privilege Escalation in Extension Repository (TER)

• Thomas Löffler

06 September 2017

It has been discovered that the TYPO3 Extension Repository (TER) is vulnerable to privilege escalation.

• Developer & Technology
• TYPO3 CMS

TYPO3-CORE-SA-2017-007: Arbitrary Code Execution in TYPO3 CMS

• Oliver Hader

05 September 2017

It has been discovered, that TYPO3 CMS is vulnerable to Arbitrary Code Execution.

• Developer & Technology
• TYPO3 CMS

TYPO3-CORE-SA-2017-005: Information Disclosure in TYPO3 CMS

• Oliver Hader

05 September 2017

It has been discovered, that TYPO3 CMS is susceptible to Information Disclosure.

• Developer & Technology
• TYPO3 CMS

TYPO3-CORE-SA-2017-006: Information Disclosure in TYPO3 CMS

• Oliver Hader

05 September 2017

It has been discovered, that TYPO3 CMS is susceptible to Information Disclosure.

• Developer & Technology
• TYPO3 CMS

TYPO3-CORE-SA-2017-004: Cross-Site Scripting in TYPO3 CMS Backend

• Oliver Hader

05 September 2017

It has been discovered, that TYPO3 CMS is vulnerable to Cross-Site Scripting.