Security Advisories

• Security

TYPO3-20081222-2: TYPO3 Security Bulletin

It has been discovered that the extension WEC Discussion Forum (wec_discussion) is vulnerable to Cross-Site Scripting (XSS) and SQL injection.

• Security

TYPO3-20081222-1: TYPO3 Security Bulletin

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to SQL injections via XSRF.

• Developer & Technology
• Security

UPDATE-ON-RECENT-TYPO3ORG-ISSUE: Update on recent typo3.org issue

• Developer & Technology
• Security

IMPORTANT-SECURITY-WARNING: Important security warning

• Product Updates & Roadmap
• Security

TYPO3-20081113-2: Cross-Site Scripting vulnerability in TYPO3 Core

It has been discovered that the frontend plugin of system extension "felogin" is vulnerable to Cross-Site Scripting (XSS).

• Product Updates & Roadmap
• Security

TYPO3-20081113-1: Cross-Site Scripting vulnerability in TYPO3 Core

It has been discovered that the backend module "file" is vulnerable to Cross-Site Scripting (XSS).

• Developer & Technology
• Security

CROSS-SITE-SCRIPTING-VULNERABILITIES-IN-TYPO3-CORE: Cross Site Scripting vulnerabilities in TYPO3 core

It has been discovered that TYPO3 core is susceptible to two Cross Site Scripting (XSS) issues. The frontend plugin of system extension "felogin" and the backend module "file" are vulnerable.

• Security

TYPO3-20081110-2: TYPO3 Security Bulletin

Several vulnerabilities have been found in the following third party TYPO3 extensions: "advcalendar" (advCalendar), "CMS Poll system" (cms_poll), "eLuna Page Comments" (eluna_pagecomments), "Wir ber uns" [sic] (fsmi_people), "Dictionary" (rtgdictionary)

• Security

TYPO3-20081110-1: TYPO3 Security Bulletin

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

• Developer & Technology
• Security

SECURITY-ISSUES-IN-TYPO3-EXTENSION-PHPMYADMIN-AND-SEVERAL-OTHER-THIRD-PARTY-EXTENSIONS: Security issues in TYPO3 extension phpMyAdmin and several other third party extensions

Security issues have been discovered in the following third party TYPO3 extensions: "phpMyAdmin" (phpmyadmin), "advCalendar" (advcalendar), "CMS Poll system" (cms_poll), "eLuna Page Comments" (eluna_pagecomments), "Wir ber uns" [sic] (fsmi_people), "Dictionary" (rtgdictionary).