TYPO3 News & Events Hub
What’s New & What’s Coming
Coders' Corner: September 2025
Each month, we celebrate TYPO3 contributors in our Developer Appreciation Day post. Please take a moment to share gratitude for their continued passion and time.
Read moreMembers Have Selected Four Ideas to be Funded in Quarter 4/2025
The TYPO3 Association member poll for the Q4/2025 budget ideas has been finished and this time four winning ideas will be funded by the TYPO3 Association.
DMEXCO 2025 Recap
Discover TYPO3’s highlights from DMEXCO 2025, including the Experience Hub, partner talks, networking, and where to meet us next.
TYPO3 Meets SEAL: A Breath of Fresh Air for Search
When I submitted the Q3/2025 budget request, one of the most exciting parts of the proposal was the integration of the Search Engine Abstraction Layer (SEAL) into TYPO3. My intention was to address the challenges around search and indexing while also...
Contribute to Step‑by‑Step Guides — a New Way to Learn TYPO3 Hands‑On
Step‑by‑Step Guides are hands-on tutorials focused on completing a single, practical task from start to finish. Here’s what they are, how they differ from traditional documentation, and why they can be a go-to resource when learning or contributing...
T3CON25 Schedule is Live
The preliminary T3CON25 schedule is live! Discover three days of TYPO3 talks, workshops, Community Day, Solution Day, Agency Day, and the latest on TYPO3 v14. Join us in Düsseldorf this November for networking, learning, and the TYPO3 Awards.
Vote Now! Budget 2025 Ideas for Q4/2025 Have Been Published
The call for community budget ideas for the fourth quarter of 2025 was successful: Nine of nine ideas have made it to the poll. These ideas can now be discussed and TYPO3 Association members can cast their vote.
Vulnerability in bundled package in extension "Base Excel" (base_excel)
It has been discovered that the extension "Base Excel" (base_excel) bundles a vulnerable version of “phpoffice/phpspreadsheet“ which is susceptible to Server-Side Request Forgery.
Cross-Site Scripting in extension "Form to Database" (form_to_database)
It has been discovered that the extension "Form to Database" (form_to_database) is susceptible to Cross-Site Scripting.
Community Budget Report: Pinned Content Elements
Georg Ringer provides an update on his Community Budget for Q3/2025: In the third quarter of 2025, I had the opportunity to work on a new extension which improves the workflow for editors.
Information Disclosure via CSV Download
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Information Disclosure in Workspaces Module
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Broken Access Control in Backend AJAX Routes
It has been discovered that TYPO3 CMS is susceptible to broken access control.
Information Disclosure via File Abstraction Layer
It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Insufficient Entropy in Password Generation
It has been discovered that TYPO3 CMS is susceptible to insufficient entropy.
Denial of Service in TYPO3 Bookmark Toolbar
It has been discovered that TYPO3 CMS is susceptible to denial of service.
Open Redirect in TYPO3 CMS
It has been discovered that TYPO3 CMS is susceptible to open redirect.
TYPO3 13.4.18 and 12.4.37 security releases published
The versions 13.4.18 and 12.4.37 of the TYPO3 Enterprise Content Management System have just been released.
TYPO3 9.5.55, 10.4.54, and 11.5.48 ELTS Released
Still sticking to an older version of TYPO3? Today, 9.5.55, 10.4.54 and 11.5.48 have been released. Staying on top of maintenance updates should be a top priority - Gain peace of mind by opting for one of TYPO3 GmbH’s Extended Support offers!
This Month in TYPO3: August 2025 [Issue #28]
August saw an open call for Q4 community-budget ideas, a milestone localization update welcoming new language teams, and a heartfelt tribute to Symfony’s Ryan Weaver. It’s a month to propose bold initiatives, amplify global voices, and appreciate...