Contact Us!

We highly appreciate your security awareness.

  • If you learn about a potential security issue in the TYPO3 core or in an extension, please always contact the TYPO3 Security Team. 
  • If you discover a security problem in your own extension, please inform the TYPO3 Security Team as well. They can help you to fix it, and they may want to issue an advisory once it is fixed.
  • Before contacting us, make sure to read our provided information and guidelines about Security in TYPO3 and our Bug Bounty Program.

Please always give us a reasonable amount of time to assess the vulnerability and get back to you with an answer.

Report security issues

Security related information can be sent to security(at)typo3.org

Concerning GPG encryption

You can send GPG/PGP encrypted emails to security(at)typo3.org using key id C05FBE60 (complete fingerprint B41C C3EF 373E 0F5C 7018 7FE9 3BEF BD27 C05F BE60).