TYPO3 News & Events Hub
What’s New & What’s Coming
TYPO3 CMS 7.6.14 released
The TYPO3 Community announces version 7.6.14 LTS of the TYPO3 Enterprise Content Management System.
Read moreJoin Us and Contribute!
In the last blog post we described how our infrastructure and setup works and what we wanted to achieve with it. Now you can experience it yourself! We just opened our infrastructure to allow public contributions - for example to the blog extension...
Report on the combined Server Admin and typo3.org Team Sprint in Würzburg (November 2016)
The combined code sprints of the Server Admin Team and the typo3.org team took place at the University of Würzburg over the weekend from November 11-13. In total, 13 participants worked on concepts and code for the (new) typo3.org we
Path Traversal in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to Path Traversal.
Insecure Unserialize in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Insecure Unserialize.
TYPO3 CMS 6.2.29, 7.6.13 and 8.4.1 released
The TYPO3 Community announces the versions 6.2.29 LTS, 7.6.13 LTS and 8.4.1 of the TYPO3 Enterprise Content Management System.
Our Internal Workflow
In this post we want to give you a glimpse of how we are working internally, which tools we use and what the benefits of that workflow are to us.
Unvalidated Redirect in extension "TC Directmail" (tcdirectmail)
It has been discovered that the extension "TC Directmail" (tcdirectmail) is susceptible to Unvalidated Redirect.
SQL Injection in extension "Member Infosheets" (if_membersheet)
It has been discovered that the extension "Member Infosheets" (if_membersheet) is susceptible to SQL Injection.
Cross Site-Scripting in extension "Secure Download Form" (rs_securedownload)
It has been discovered that the extension "Secure Download Form" (rs_securedownload) is susceptible to Cross Site-Scripting.
SQL Injection in extension "Shibboleth Authentication" (shibboleth_auth)
It has been discovered that the extension "Shibboleth Authentication" (shibboleth_auth) is susceptible to SQL Injection.
Insecure Unserialize and SQL Injection in extension "Code Highlighter" (mh_code_highlighter)
It has been discovered that the extension "Code Highlighter" (mh_code_highlighter) is susceptible to Insecure Unserialize and SQL Injection.
Cross-Site Scripting in extension "Store Locator" (locator)
It has been discovered that the extension "Store Locator" (locator) is susceptible to Cross-Site Scripting.
Cross-Site Scripting in extension "HTML5 Video Player" (html5videoplayer)
It has been discovered that the extension "HTML5 Video Player" (html5videoplayer) is susceptible to Cross-Site Scripting.
Multiple vulnerabilities in extension "TC Directmail " (tcdirectmail)
It has been discovered that the extension "TC Directmail " (tcdirectmail) is susceptible to Cross Site-Scripting and SQL Injection.
TYPO3 Backpack Kickstarter Campaign
We want to build a new TYPO3 Backpack with your help!
This Week in TYPO3: T3CON16
On October 26 and 27, the 12th European TYPO3 conference took place in Munich, Germany. For the second time the conference was accompanied by the TYPO3 Award ceremony, celebrating and awarding the most outstanding TYPO3 projects of agencies and...
Design Contest for typo3.org relaunch 2017
tl;dr: For the design and technical relaunch of typo3.org beginning in 2017, we would like to start a contest. You’re a creative designer or great at conception? Start your design program and have the chance to create the main design of typo3.org!...
TYPO3 CMS 6.2.28 and 7.6.12 released
The TYPO3 Community announces the versions 6.2.28 LTS and 7.6.12 LTS of the TYPO3 Enterprise Content Management System.
TYPO3 GmbH Releases Blog Extension
We are proud to announce that we just released the extension powering this very blog. The main goal for this blog extension was to use TYPO3s core concepts and elements to provide a full-blown blog that users of TYPO3 can instantly understand and...