Security Bulletins:

TYPO3 CMS

Tue. 17th November, 2020
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers

Categories: Development, TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting..
Read more
Tue. 17th November, 2020
TYPO3-CORE-SA-2020-009: Cross-Site Scripting through Fluid view helper arguments

Categories: Development, TYPO3 CMS

Advisory type: TYPO3 CMS
Created by Claus Due

It has been discovered that the Fluid Engine is vulnerable to cross-site scripting.
Read more
Tue. 28th July, 2020
TYPO3-CORE-SA-2020-008: Sensitive Information Disclosure

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to sensitive information disclosure.
Read more
Tue. 28th July, 2020
TYPO3-CORE-SA-2020-007: Potential Privilege Escalation

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to privilege escalation.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-006: Same-Origin Request Forgery to Backend User Interface

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to same-origin request forgery.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Read more
Tue. 12th May, 2020
TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset

Categories: Development

Advisory type: TYPO3 CMS
Created by Oliver Hader

It has been discovered that TYPO3 CMS is susceptible to information disclosure.
Read more