Security Advisories
All Advisories
TYPO3-SA-2011-001: Cross-Site Scripting vulnerability in extension "Media [DAM]" (dam)
It has been discovered that the extension Media [DAM] (dam) is vulnerable to Cross-Site Scripting.
Mehr erfahrenMULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE-3: Multiple security issues found in TYPO3 core
It has been discovered that TYPO3 Core is vulnerable to Arbitrary Code Execution, Path Traversal, Cross-Site Scripting (XSS), SQL injection and Information Disclosure.
TYPO3-SA-2010-022: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Arbitrary Code Execution, Path Traversal, Cross-Site Scripting (XSS), SQL injection and Information Disclosure.
SECURITY-ISSUE-IN-THIRD-PARTY-TYPO3-EXTENSION-POWERMAIL-1: Security issue in third party TYPO3 extension powermail
A security vulnerability has been discovered in the third party TYPO3 extension powermail.
TYPO3-SA-2010-021: TYPO3 Security Bulletin
It has been discovered that the extension powermail (powermail) is vulnerable to Cross-Site Scripting.
MULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE-ONE-OF-THEM-BEEING-CRITICAL: Multiple security issues found in TYPO3 core, one of them beeing critical
It has been discovered that TYPO3 Core is vulnerable to Remote File Disclosure, Cross-Site Scripting (XSS), Privilege Escalation and Denial of Service.
TYPO3-SA-2010-020: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Remote File Disclosure, Cross-Site Scripting (XSS), Privilege Escalation and Denial of Service.
TYPO3-SA-2010-019: TYPO3 Security Bulletin
It has been discovered that the extension powermail (powermail) is vulnerable to Cross-Site Scripting, SQL Injection and Validation Bypass
SECURITY-ISSUE-IN-THIRD-PARTY-TYPO3-EXTENSION-POWERMAIL: Security issue in third party TYPO3 extension powermail
Security vulnerabilities have been discovered in the third party TYPO3 extension powermail.
TYPO3-SA-2010-018: Multiple vulnerabilities in third-party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Commenting system Backend Module (commentsbe), Tiny Market (hm_tinymarket), Yet Another Calendar (ke_yac), The official twitter tweet button for your page (tweetbutton), XING Button (xing)