TYPO3 News & Events Hub
What’s New & What’s Coming
Explanation of the T3A 2017 budget
Introduction A few months ago we started the process for receiving funds from the TYPO3 Association. The application phase was followed by a discussion and a poll by the members. The results of this poll are meant to give the Expert Advisory Board...
Read moreSymfonyCon 2016 Recap
December 2016 began with a cool event in Berlin - SymfonyCon. We want to share our view on the event and most importantly how the PHP ecosystem in general and TYPO3 in particular are affected by this.
Results of the typo3.org Design Contest
On 3rd November, we announced the typo3.org Design Contest to get impressions and ideas from the community for the new typo3.org website. Now we want to present the winners.
Scheduled maintenance of the TYPO3 Git / Gerrit Server
git.typo3.org and review.typo3.org will be under maintenance on Friday, Dec 9th.
TYPO3 CMS 7.6.14 released
The TYPO3 Community announces version 7.6.14 LTS of the TYPO3 Enterprise Content Management System.
Join Us and Contribute!
In the last blog post we described how our infrastructure and setup works and what we wanted to achieve with it. Now you can experience it yourself! We just opened our infrastructure to allow public contributions - for example to the blog extension...
Report on the combined Server Admin and typo3.org Team Sprint in Würzburg (November 2016)
The combined code sprints of the Server Admin Team and the typo3.org team took place at the University of Würzburg over the weekend from November 11-13. In total, 13 participants worked on concepts and code for the (new) typo3.org we
Path Traversal in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to Path Traversal.
Insecure Unserialize in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Insecure Unserialize.
TYPO3 CMS 6.2.29, 7.6.13 and 8.4.1 released
The TYPO3 Community announces the versions 6.2.29 LTS, 7.6.13 LTS and 8.4.1 of the TYPO3 Enterprise Content Management System.
Our Internal Workflow
In this post we want to give you a glimpse of how we are working internally, which tools we use and what the benefits of that workflow are to us.
Unvalidated Redirect in extension "TC Directmail" (tcdirectmail)
It has been discovered that the extension "TC Directmail" (tcdirectmail) is susceptible to Unvalidated Redirect.
SQL Injection in extension "Member Infosheets" (if_membersheet)
It has been discovered that the extension "Member Infosheets" (if_membersheet) is susceptible to SQL Injection.
Cross Site-Scripting in extension "Secure Download Form" (rs_securedownload)
It has been discovered that the extension "Secure Download Form" (rs_securedownload) is susceptible to Cross Site-Scripting.
SQL Injection in extension "Shibboleth Authentication" (shibboleth_auth)
It has been discovered that the extension "Shibboleth Authentication" (shibboleth_auth) is susceptible to SQL Injection.
Insecure Unserialize and SQL Injection in extension "Code Highlighter" (mh_code_highlighter)
It has been discovered that the extension "Code Highlighter" (mh_code_highlighter) is susceptible to Insecure Unserialize and SQL Injection.
Cross-Site Scripting in extension "Store Locator" (locator)
It has been discovered that the extension "Store Locator" (locator) is susceptible to Cross-Site Scripting.
Cross-Site Scripting in extension "HTML5 Video Player" (html5videoplayer)
It has been discovered that the extension "HTML5 Video Player" (html5videoplayer) is susceptible to Cross-Site Scripting.
Multiple vulnerabilities in extension "TC Directmail " (tcdirectmail)
It has been discovered that the extension "TC Directmail " (tcdirectmail) is susceptible to Cross Site-Scripting and SQL Injection.
TYPO3 Backpack Kickstarter Campaign
We want to build a new TYPO3 Backpack with your help!