TYPO3 News & Events Hub
What’s New & What’s Coming
Recap of TYPO3 Codesprint Dresden - 2nd-5th August 2018
Despite the tropical climate, a few developers dedicated four days of contributing to the TYPO3 Core at last weekend’s Codesprint in Dresden, Germany. Among the brave participants was core developer Anja Leichsenring - Learn more about her...
Read moreInformation Disclosure in extension "TemplaVoilà! Plus" (templavoilaplus)
It has been discovered that the extension "TemplaVoilà! Plus" (templavoilaplus) is susceptible to Information Disclosure.
Cross-Site Scripting in extension "Frontend Treeview" (mh_treeview)
It has been discovered that the extension "Frontend Treeview" (mh_treeview) is susceptible to Cross-Site Scripting.
Environment Variable Injection in extension "Amazon Web Services SDK " (aws_sdk)
It has been discovered that the extension "Amazon Web Services SDK " (aws_sdk) is susceptible to Environment Variable Injection.
Captcha bypass in extension "Front End User Registration" (sr_feuser_register)
It has been discovered that the extension "Front End User Registration" (sr_feuser_register) is susceptible to Captcha bypass.
Environment Variable Injection in extension "AWS SDK for PHP" (aws_sdk_php)
It has been discovered that the extension "AWS SDK for PHP" (aws_sdk_php) is susceptible to Environment Variable Injection.
Cross-site scripting vulnerability in extension "Powermail" (powermail)
It has been discovered that the extension "Powermail" (powermail) is susceptible to Cross-Site Scripting.
Environment Variable Injection in extension "Amazon AWS S3 FAL driver (CDN)" (aus_driver_amazon_s3)
It has been discovered that the extension "Amazon AWS S3 FAL driver (CDN)" (aus_driver_amazon_s3) is susceptible to Environment Variable Injection.
Missing Access Check in extension "Register to tt_address" (registeraddress)
It has been discovered that the extension "Register to tt_address" (registeraddress) has a missing access check.
Cross-Site Scripting in extension "Heise Shariff" (rx_shariff)
It has been discovered that the extension "Heise Shariff" (rx_shariff) is susceptible to Cross-Site Scripting.
July 2018: Developer Appreciation Day (DAD)
Welcome back to Developer Appreciation Day (DAD)! We’re very happy to present another analysis of contributions to TYPO3 CMS over the last month to you. No doubt about it, you developers rock - thanks a lot to all of you! Check our current list for...
TYPO3 9.3.3, 8.7.18 and 7.6.31 released
The TYPO3 Community announces the versions 9.3.3, 8.7.18 LTS and 7.6.31 LTS of the TYPO3 Enterprise Content Management System.
This Month in TYPO3 - July 2018 - Issue #4
The highlight event of July certainly was the CertiFUNcation Day. But there are also many other noteworthy things happening in the TYPO3 community. Happy reading!
Open Source Digital Asset Management With TYPO3 CMS
Today’s business websites require a content management system (CMS) which can easily handle digital media content. TYPO3 CMS streamlines your content management efforts, providing you with Digital Asset Management (DAM) tools right out of the box.
A new structure for the TYPO3 Core team
The TYPO3 Core Team started a restructuring process led by Oliver Hader and me. Over the following weeks working modes, processes and current requirements will be evaluated and ultimately result in a new and more sustainable team structure with an...
TYPO3 ELTS Release Version 6.2.38
Have you stayed on top of maintenance and updates for your TYPO3 instance? If you’re still running TYPO3 LTS version 6.2, you may want to consider opting for Extended Long Term Support (ELTS). Last week ELTS version 6.2.38 was released.
SkillDisplay - Coffee & Talk at TYPO3 Eastern Europe 2018
At TYPO3 Eastern Europe 2018 (T3EE) the SkillDisplay team will be organizing a coffee round, where educators and business persons can talk about their needs regarding TYPO3 education and cooperation. The staff at the SkillDisplay booth will gladly...
Call for Sponsors: Annual TYPO3 University Day Coming Up
Higher educational TYPO3ers, the TYPO3 Academic Committee and TYPO3 GmbH have joined forces to bring this year’s TYPO3 University Day (T3UD18) to an excellent location in the heart of Germany, just south of Frankfurt am Main.
Insecure Deserialization in TYPO3 CMS
It has been discovered, that TYPO3 CMS is vulnerable to Insecure Deserialization.
Privilege Escalation & SQL Injection in TYPO3 CMS
It has been discovered, that TYPO3 CMS is vulnerable to Privilege Escalation and SQL Injection.