Security Advisories

• Developer & Technology
• Product Updates & Roadmap
• TYPO3 CMS

TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger

• Oliver Hader

14 June 2022

It has been discovered that TYPO3 CMS is susceptible to information disclosure.

Read more

• Developer & Technology
• Product Updates & Roadmap
• TYPO3 CMS

TYPO3-CORE-SA-2022-001: Information Disclosure via Export Module

• Oliver Hader

14 June 2022

It has been discovered that TYPO3 CMS is susceptible to information disclosure.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-013: Cross-Site Scripting in extension "AMEOS - TarteAuCitron (GDPR cookie banner and tracking management / French RGPD compatible)" (ameos_tarteaucitron)

• Torben Hansen

14 June 2022

It has been discovered that the extension "AMEOS - TarteAuCitron (GDPR cookie banner and tracking management / French RGPD compatible)" (ameos_tarteaucitron) is susceptible to Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-012: Cross-Site Scripting in extension "Embedding schema.org vocabulary" (schema)

• Torben Hansen

14 June 2022

It has been discovered that the extension "Embedding schema.org vocabulary" (schema) is susceptible to Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-011: Cross-Site Scripting in extension "Matomo Integration" (matomo_integration)

• Torben Hansen

14 June 2022

It has been discovered that the extension "Matomo Integration" (matomo_integration) is susceptible to Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-010: Cross-Site Scripting in extension "libconnect" (libconnect)

• Torben Hansen

14 June 2022

It has been discovered that the extension "libconnect" (libconnect) is susceptible to Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-009: Cross-Site Scripting in extension "Grid Elements" (gridelements)

• Torben Hansen

26 April 2022

It has been discovered that the extension "Grid Elements" (gridelements) is susceptible to Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-008: Multiple vulnerabilities in extension "Adminer" (t3adminer)

• Torben Hansen

26 April 2022

It has been discovered that the extension "Adminer" (t3adminer) is susceptible to Server-side request forgery and Cross-Site Scripting.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-007: SQL Injection in extension "One is Enough Library" (oelib)

• Torben Hansen

26 April 2022

It has been discovered that the extension "One is Enough Library" (oelib) is susceptible to SQL Injection.

• Developer & Technology
• TYPO3 Extensions

TYPO3-EXT-SA-2022-006: SQL Injection in extension "Seminar Manager" (seminars)

• Torben Hansen

26 April 2022

It has been discovered that the extension "Seminar Manager" (seminars) is susceptible to SQL Injection.