It has been discovered that TYPO3 CMS can be vulnerable to insecure deserialization.

It has been discovered that TYPO3 is susceptible to cross-site scripting.

It has been discovered that passwords were truncated during authentication process on typo3.org services.

It has been discovered that the protection against insecure deserialization can be by-passed in Phar Stream Wrapper component.

It has been discovered that the protection against insecure deserialization can be by-passed in Phar Stream Wrapper component.

It has been discovered that TYPO3 is susceptible to security misconfiguration.

It has been discovered that 3rd party library Bootstrap CSS toolkit bundled with TYPO3 is vulnerable to cross-site scripting through prototype…

It has been discovered that 3rd party library jQuery bundled with TYPO3 is vulnerable to cross-site scripting through prototype pollution.

It has been discovered that TYPO3 CMS can be vulnerable to arbitrary code execution.

It has been discovered, that usernames and email addresses may be enumerated with brute-force techniques, when using validators in order to ensure a…