TYPO3-20051107-1: A bug has been discovered in the "CHC Forum" (chc_forum) extension where some Javascript expressions are not properly caught when entered in forms. Thus, specially crafted entries may be used to inject malicious code.
TYPO3-20051107-2: A weakness in the form validation of th_mailformplus has been discovered that may be abused to inject additional recipients in mail forms.
TYPO3 13.4.11 and 12.4.30 maintenance releases published
The versions 13.4.11 and 12.4.30 of the TYPO3 Enterprise Content Management System have just been released.