Security Advisories
All Advisories
TYPO3-EXT-SA-2021-005: SQL Injection in extension "Dynamic Content Element" (dce)
It has been discovered that the extension "Dynamic Content Element" (dce) is susceptible to SQL Injection.
Read moreTYPO3-EXT-SA-2021-004: Cross-Site Scripting in extension "2 Clicks for External Media" (media2click)
It has been discovered that the extension "2 Clicks for External Media" (media2click) is susceptible to Cross-Site Scripting.
TYPO3-CORE-SA-2021-008: Cross-Site Scripting in Content Preview
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
TYPO3-CORE-SA-2021-007: Cross-Site Scripting in Content Preview
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier
It has been discovered that TYPO3 CMS is susceptible to sensitive data exposure.
TYPO3-CORE-SA-2021-005: Denial of Service in Page Error Handling
It has been discovered that TYPO3 CMS is susceptible to denial of service.
TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
TYPO3-CORE-SA-2021-003: Broken Access Control in Form Framework
It has been discovered that TYPO3 CMS is vulnerable to broken access control.
TYPO3-CORE-SA-2021-002: Unrestricted File Upload in Form Framework
It has been discovered that TYPO3 CMS is vulnerable to unrestricted file upload.
TYPO3-CORE-SA-2021-001: Open Redirection in Login Handling
It has been discovered that TYPO3 CMS is susceptible to open redirection.