Security Advisories
All Advisories
TYPO3-EXT-SA-2017-003: SQL Injection in extension "Faceted Search" (ke_search)
It has been discovered that the extension "Faceted Search" (ke_search) is susceptible to SQL Injection.
Read moreTYPO3-EXT-SA-2017-004: Remote Code Execution in extension "Maag Sendmail" (maag_sendmail)
It has been discovered that the extension "Maag Sendmail" (maag_sendmail) is susceptible to Remote Code Execution.
TYPO3-EXT-SA-2017-005: Remote Code Execution in extension "AH Sendmail" (ah_sendmail)
It has been discovered that the extension "AH Sendmail" (ah_sendmail) is susceptible to Remote Code Execution.
TYPO3-EXT-SA-2017-006: Remote Code Execution in extension "PHPMailer" (bb_phpmailer)
It has been discovered that the extension "PHPMailer" (bb_phpmailer) is susceptible to Remote Code Execution.
TYPO3-EXT-SA-2017-007: SQL Injection in extension "Content Rating Extbase" (content_rating_extbase)
It has been discovered that the extension "Content Rating Extbase" (content_rating_extbase) is susceptible to SQL Injection.
TYPO3-EXT-SA-2017-002: SQL Injection in extension "Event management and registration" (sf_event_mgt)
It has been discovered that the extension "Event management and registration" (sf_event_mgt) is susceptible to SQL Injection.
TYPO3-EXT-SA-2017-001: SQL Injection in extension "News system" (news)
It has been discovered that the extension "News system" (news) is susceptible to SQL Injection.
TYPO3-CORE-SA-2017-003: Cross-Site Scripting in TYPO3 CMS
It has been discovered, that TYPO3 is vulnerable to Cross-Site Scripting
TYPO3-CORE-SA-2017-002: Authentication Bypass in TYPO3 Frontend
It has been discovered, that TYPO3 CMS is vulnerable to Authentication Bypass.
TYPO3-CORE-SA-2017-001: Remote Code Execution in third party library swiftmailer
It has been discovered, that the third party package swiftmailer/swiftmailer is vulnerable to Remote Code Execution