Security Advisories

All Advisories

Subscribe to our Security Advisories Mailing List and receive Security Bulletins via E-Mail

Tue. 10th August, 2021
TYPO3-EXT-SA-2021-013: Multiple vulnerabilities in Extension "Dated News" (dated_news)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension"Dated News" (dated_news) is susceptible to SQL Injection, Cross-Site Scripting, Information Disclosure and…
Read more
Tue. 10th August, 2021
TYPO3-EXT-SA-2021-012: Cross Site Scripting in Extension "Yoast SEO for TYPO3" (yoast_seo)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension "Yoast SEO for TYPO3" (yoast_seo) is susceptible to Cross Site Scripting.
Read more
Tue. 10th August, 2021
TYPO3-EXT-SA-2021-011: Multiple vulnerabilities in Extension "Miniorange Saml" (miniorange_saml)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension "Miniorange Saml" (miniorange_saml) is susceptible to Cross-Site Scripting, Sensitive Data Exposure and…
Read more
Tue. 10th August, 2021
TYPO3-EXT-SA-2021-010: Cross-Site Scripting in Extension "femanager" (femanager)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension "femanager" (femanager) is susceptible to Cross-Site Scripting.
Read more
Tue. 10th August, 2021
TYPO3-EXT-SA-2021-009: Denial of Service in Extension "Deferred image processing" (deferred_image_processing)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension "Deferred image processing" (deferred_image_processing) is susceptible to Denial of Service.
Read more
Tue. 10th August, 2021
TYPO3-EXT-SA-2021-008: Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)

Categories: Development, Security

Advisory type: TYPO3 Extensions
Created by Torben Hansen

It has been discovered that the extension “Extbase Yaml Routes” (routes) is susceptible to Sensitive Information Disclosure.
Read more
Tue. 10th August, 2021
TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 20th July, 2021
TYPO3-PSA-2021-002: CSV Code Injection

Categories: Development, TYPO3 CMS

Advisory type: Public Service Announcements
Created by Torben Hansen

It has been discovered that the TYPO3 extensions offering a CSV export might create CSV files that can contain formulas executed in external…
Read more
Tue. 20th July, 2021
TYPO3-PSA-2021-001: Sensitive links in search results of TYPO3 extension indexed_search

Categories: Development, TYPO3 CMS

Advisory type: Public Service Announcements
Created by Torben Hansen

It has been discovered that the TYPO3 extension “Indexed Search” may index sensitive links under certain conditions.
Read more
Tue. 20th July, 2021
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Read more

Security Advisories

TYPO3-EXT-SA-2021-013: Multiple vulnerabilities in Extension "Dated News" (dated_news)

TYPO3-EXT-SA-2021-012: Cross Site Scripting in Extension "Yoast SEO for TYPO3" (yoast_seo)

TYPO3-EXT-SA-2021-011: Multiple vulnerabilities in Extension "Miniorange Saml" (miniorange_saml)

TYPO3-EXT-SA-2021-010: Cross-Site Scripting in Extension "femanager" (femanager)

TYPO3-EXT-SA-2021-009: Denial of Service in Extension "Deferred image processing" (deferred_image_processing)

TYPO3-EXT-SA-2021-008: Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)

TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content

TYPO3-PSA-2021-002: CSV Code Injection

TYPO3-PSA-2021-001: Sensitive links in search results of TYPO3 extension indexed_search

TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication

Information

Downloads

Community

Popular links

Professional Content Management

Inspire people to share

A Community Effort

Do you have a question?

Security Advisories

Information

Downloads

Community

Popular links