Component Type:
Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension is not part of TYPO3 default installations.
Affected Extension Name:
cmw_linklist
Version: 1.4.1 and earlier
Vulnerability Type: SQL injection
Severity: High
Problem Description:
An issue has been reported where a bug in the cmw_linklist extension allows SQL injection attacks. In specific situations, a remote offender can cause malicious database operations.
Solution:
An updated version of the extension can be found on typo3.org/extensions/repository/list/cmw_linklist/ or via Extension Manager. All users of this extension are strongly advised to immediatly update this extension.
Simplify the TYPO3 Translation Workflow: TransFusion's Q2/2024 Roadmap
In the dynamic world of web development, staying ahead means continually innovating and refining existing tools. With TransFusion, our mission is to…