Security Bulletins:

TYPO3 CMS

Tue. 5th October, 2021
TYPO3-CORE-SA-2021-015: HTTP Host Header Injection in Request Handling

Categories: Development, Security

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to HTTP header injection.
Read more
Tue. 5th October, 2021
TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling

Categories: Development, Security

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site-request-forgery.
Read more
Tue. 10th August, 2021
TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 20th July, 2021
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Read more
Tue. 20th July, 2021
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 20th July, 2021
TYPO3-CORE-SA-2021-010: Cross-Site Scripting in Query Generator & Query View

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 20th July, 2021
TYPO3-CORE-SA-2021-009: Cross-Site Scripting in Page Preview

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 16th March, 2021
TYPO3-CORE-SA-2021-008: Cross-Site Scripting in Content Preview

Categories: Development, TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 16th March, 2021
TYPO3-CORE-SA-2021-007: Cross-Site Scripting in Content Preview

Categories: Development, TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 16th March, 2021
TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier

Categories: Development, TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to sensitive data exposure.
Read more