Security Bulletins

Several vulnerabilities in third party extensions

Authors: Marcus Krause, Category: TYPO3 Extension September 02, 2014

Several vulnerabilities have been found in the following third-party TYPO3 extensions: cwt_feedit, eu_ldap, flatmgr, jh_opengraphprotocol, ke_dompdf, lumophpinclude, news_pack, sb_akronymmanager, st_address_ma, weeaar_googlesitemap,. wt_directory


Multiple Vulnerabilities in TYPO3 CMS

Authors: Helmut Hummel, Category: TYPO3 CMS May 22, 2014

It has been discovered that TYPO3 CMS is vulnerable to Cross-Site Scripting, Insecure Unserialize, Improper Session Invalidation, Authentication Bypass, Information Disclosure and Host Spoofing.