Professional Content Management

Free and open source, TYPO3 CMS is the most widely used enterprise-level CMS.

Test TYPO3 now:

TYPO3 live demo

Inspire people to share

Offer your skills and contribute to the project. The community is growing and does more than just coding. 

A Community Effort

TYPO3 CMS is an Open Source project managed by the TYPO3 Association.

The Project

Do you have a question?

Ask the community or a professional partner.

TYPO3 Security Bulletin

An issue has been reported where a bug in the "cmw_linklist" extension allows SQL injection attacks. In specific situations, a remote offender can cause malicious database operations.

Component Type:
Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension is not part of TYPO3 default installations.

Affected Extension Name:
cmw_linklist

Version: 1.4.1 and earlier
Vulnerability Type: SQL injection
Severity: High

Problem Description:
An issue has been reported where a bug in the cmw_linklist extension allows SQL injection attacks. In specific situations, a remote offender can cause malicious database operations.

Solution:
An updated version of the extension can be found on typo3.org/extensions/repository/list/cmw_linklist/ or via Extension Manager. All users of this extension are strongly advised to immediatly update this extension.
 

Latest news

Show more