It has been discovered that the extension "Store Locator" (locator) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "HTML5 Video Player" (html5videoplayer) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "TC Directmail " (tcdirectmail) is susceptible to Cross Site-Scripting and SQL Injection.

It has been discovered that the extension "phpMyAdmin" (phpmyadmin) has multiple vulnerabilities.

It has been discovered that the extension "Events" (jp_events) is susceptible to SQL Injection.

It has been discovered that the extension "GN Tactics Planner" (sf_gntactics) is susceptible to SQL Injection.

Release Date: September 12, 2016

Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.

Affected…

It has been discovered that the extension "Speaking URLs for TYPO3" (realurl) is susceptible to Denial of Service.

It has been discovered that the extension "Page path" (pagepath) is susceptible to Insecure Unserialize.

It has been discovered that the extension "CCDebug" (cc_debug) is susceptible to Cross-Site Scripting.