Security Advisories

All Advisories

Subscribe to our Security Advisories Mailing List and receive Security Bulletins via E-Mail

Tue. 17th February, 2015
TYPO3-EXT-SA-2015-005: Cross-Site Scripting in extension Gridelements (gridelements)

Advisory type: TYPO3 Extensions
Created by Nicole Cordes

It has been discovered that the extension "gridelements" (gridelements) is susceptible to Cross-Site Scripting
Read more
Fri. 16th January, 2015
TYPO3-EXT-SA-2015-004: Information Disclosure in Direct Mail Subscription (direct_mail_subscription)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "Direct Mail Subscription" (direct_mail_subscription) is susceptible to Information Disclosure.
Read more
Fri. 9th January, 2015
TYPO3-EXT-SA-2015-003: Multiple vulnerabilities in Content Rating Extbase (content_rating_extbase)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "Content Rating Extbase" (content_rating_extbase) is susceptible to Cross-Site Scripting and SQL Injection.
Read more
Fri. 9th January, 2015
TYPO3-EXT-SA-2015-002: Multiple vulnerabilities in Content Rating (content_rating)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "Content Rating" (content_rating) is susceptible to Cross-Site Scripting and SQL Injection.
Read more
Thu. 8th January, 2015
TYPO3-EXT-SA-2015-001: Improper Authentication in LDAP / SSO Authentication (ig_ldap_sso_auth)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "LDAP / SSO Authentication" (ig_ldap_sso_auth) is susceptible to Improper Authentication.
Read more
Mon. 15th December, 2014
TYPO3-EXT-SA-2014-021: Cross-Site Scripting vulnerability in wfGallery (wf_gallery)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "wfGallery" (wf_gallery) is susceptible to Cross-Site Scripting.
Read more
Mon. 15th December, 2014
TYPO3-EXT-SA-2014-020: Multiple vulnerabilities in BibTex Publications (si_bibtex)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "BibTex Publications" (si_bibtex) is susceptible to Cross-Site Scripting and SQL Injection.
Read more
Mon. 15th December, 2014
TYPO3-EXT-SA-2014-019: Multiple vulnerabilities in Drag Drop Mass Upload (ameos_dragndropupload)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "Drag Drop Mass Upload" (ameos_dragndropupload) is susceptible to Cross-Site Scripting, Cross-Site Request…
Read more
Tue. 9th December, 2014
TYPO3-CORE-SA-2014-003: Link spoofing and cache poisoning vulnerabilities in TYPO3 CMS

Categories: TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Helmut Hummel

It has been discovered that TYPO3 CMS is vulnerable to Link Spoofing and Cache Poisoning.
Read more
Mon. 8th December, 2014
TYPO3-EXT-SA-2014-018: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

Advisory type: TYPO3 Extensions
Created by Marcus Krause

It has been discovered that the extension "phpMyAdmin" (phpmyadmin) is susceptible to Cross-Site Scripting, Denial of Service and Local File…
Read more

Security Advisories

TYPO3-EXT-SA-2015-005: Cross-Site Scripting in extension Gridelements (gridelements)

TYPO3-EXT-SA-2015-004: Information Disclosure in Direct Mail Subscription (direct_mail_subscription)

TYPO3-EXT-SA-2015-003: Multiple vulnerabilities in Content Rating Extbase (content_rating_extbase)

TYPO3-EXT-SA-2015-002: Multiple vulnerabilities in Content Rating (content_rating)

TYPO3-EXT-SA-2015-001: Improper Authentication in LDAP / SSO Authentication (ig_ldap_sso_auth)

TYPO3-EXT-SA-2014-021: Cross-Site Scripting vulnerability in wfGallery (wf_gallery)

TYPO3-EXT-SA-2014-020: Multiple vulnerabilities in BibTex Publications (si_bibtex)

TYPO3-EXT-SA-2014-019: Multiple vulnerabilities in Drag Drop Mass Upload (ameos_dragndropupload)

TYPO3-CORE-SA-2014-003: Link spoofing and cache poisoning vulnerabilities in TYPO3 CMS

TYPO3-EXT-SA-2014-018: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

Information

Downloads

Community

Popular links

Professional Content Management

Inspire people to share

A Community Effort

Do you have a question?

Security Advisories

Information

Downloads

Community

Popular links