Security Advisories
All Advisories
TYPO3-EXT-SA-2020-019: Sensitive Data Exposure in extension "View frontend statistics" (view_statistics)
It has been discovered that the extension "View frontend statistics" (view_statistics) is susceptible to Sensitive Data Exposure.
Mehr erfahrenTYPO3-EXT-SA-2020-018: Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)
It has been discovered that the extension "phpmyadmin" (phpmyadmin) is susceptible to SQL Injection and Cross-Site Scripting.
TYPO3-EXT-SA-2020-017: Multiple vulnerabilities in extension "Event management and registration" (sf_event_mgt)
It has been discovered that the extension "Event management and registration" (sf_event_mgt) is susceptible to Information Disclosure and Broken Access Control.
TYPO3-EXT-SA-2020-016: Information Disclosure in extension "Localization Manager" (l10nmgr)
It has been discovered that the extension "Localization Manager" (l10nmgr) is susceptible to Information Disclosure.
TYPO3-EXT-SA-2020-015: Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)
It has been discovered that the extension "Kitodo.Presentation" (dlf) is susceptible to Cross-Site Scripting.
TYPO3-CORE-SA-2020-008: Sensitive Information Disclosure
It has been discovered that TYPO3 CMS is susceptible to sensitive information disclosure.
TYPO3-CORE-SA-2020-007: Potential Privilege Escalation
It has been discovered that TYPO3 CMS is susceptible to privilege escalation.
TYPO3-EXT-SA-2020-014: Sensitive Information Disclosure in extension "Media Content Element" (mediace)
It has been discovered that the extension "Media Content Element" (mediace) is susceptible to Sensitive Information Disclosure.
TYPO3-PSA-2020-001: Critical vulnerability in legacy versions of TYPO3 CMS
It has been discovered that TYPO3 CMS is susceptible to sensitive information disclosure in previous TYPO3 versions which are not maintained by the community anymore.
TYPO3-EXT-SA-2020-013: Multiple vulnerabilities in extension "mm_forum" (mm_forum)
It has been discovered that the extension "mm_forum" (mm_forum) is susceptible to Cross Site Scripting and CSRF.