TYPO3 News & Events Hub
What’s New & What’s Coming
Entering the final stage of the TYPO3 Inc. preparation - we need you!
The TYPO3 Inc. preparation group is coming to the final stage of its work. During the past months we held countless meetings and discussion in order to find out what would be a viable way to start up the TYPO3 Inc.
Read moreDiscontinuation of the Subversion Service at svn.typo3.org
Five years after the move of TYPO3 CMS to Git, the Subversion server svn.typo3.org will be shut down on May 1st, 2016.
Kicking off TYPO3 v8 Development
The TYPO3 core team is officially starting the next development cycle. Sprint releases every 8-10 weeks along the way until TYPO3 8 LTS (Long Term Support) in April 2017 will ensure that new projects can possibly be set up with v8 already. A smooth...
Cross-Site Scripting in extension "Apache Solr for TYPO3" (solr)
It has been discovered that the extension "Apache Solr for TYPO3" (solr) is susceptible to Cross-Site Scripting.
Cross-Site Scripting in extension "Extension Kickstarter" (kickstarter)
It has been discovered that the extension "Extension Kickstarter" (kickstarter) is susceptible to Cross-Site Scripting.
Multiple vulnerabilities in extension "Fe user statistic" (festat)
It has been discovered that the extension "Fe user statistic" (festat) is susceptible to Cross-Site Scripting, Insecure Unserialize and Information Disclosure.
Cross-Site Scripting in extension "Google Sitemap" (enter_new_weeaar_googlesitemap)
It has been discovered that the extension "Google Sitemap" (enter_new_weeaar_googlesitemap) is susceptible to Cross-Site Scripting.
Cross-Site Scripting in extension "List frontend users" (listfeusers)
It has been discovered that the extension "List frontend users" (listfeusers) is susceptible to Cross-Site Scripting.
Information Disclosure in extension "UTOPIA" (ics_utopia)
It has been discovered that the extension "UTOPIA" (ics_utopia) is susceptible to Information Disclosure.
Farewell Carsten
Thursday, 25th of February 2016, Carsten Bleicker passed away
Denial of Service attack possibility in TYPO3 component Indexed Search
It has been discovered, that TYPO3 is susceptible to a Denial of Service attack.
Cross-Site Scripting in TYPO3 component CSS styled content
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
Cross-Site Scripting in TYPO3 component Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3 CMS 6.2.19 and 7.6.4 released
The TYPO3 Community announces the versions 6.2.19 LTS and 7.6.4 LTS of the TYPO3 Enterprise Content Management System.
XML External Entity (XXE) Processing in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to XML External Entity Processing
This Week in TYPO3 (2016, Week 6)
A special on TYPO3 documentation infrastructure, certification, T3Rookies Summer Camp 2016, TYPO3 usergroup India and bootup-camps gaining popularity! All things TYPO3 community!
Cross-Site Scripting in form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
Cross-Site Scripting in legacy form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
Cross-Site Scripting in link validator component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
SQL Injection in dbal
It has been discovered, that TYPO3 is susceptible to SQL Injection