TYPO3-20051107-1: A bug has been discovered in the "CHC Forum" (chc_forum) extension where some Javascript expressions are not properly caught when entered in forms. Thus, specially crafted entries may be used to inject malicious code.
TYPO3-20051107-2: A weakness in the form validation of th_mailformplus has been discovered that may be abused to inject additional recipients in mail forms.
- Overview
- Features +
- Development Roadmap +
- Strategy
- Core Development
- Release News +
- Documentation
- Comparison Cards
- System Requirements
- Download & Install
- Getting Started
- Fluid Template Engine
- TYPO3 Community
- Events
- Meet the Community +
- Contribute / Get Involved +
- Teams & Committees +
- Values and Proceedings +
- Team Leader Meetings
- Data Protection Corner +
- Services +
- Communicate: Where and how
- User Groups
- StackOverflow
- Forum
- Chat (Slack)
- how to use Slack
- Regular Open Sprints
- You, me, and TYPO3!
- TYPO3 remote days
- Become an Association Member
- Get your My TYPO3 account
- Donate
- Mentorship
- Community Writers Program
- TYPO3 Development
- Academic
- Accessibility
- Best Practices
- Communication Coordination
- Community Expansion
- Content
- Content Types
- Documentation
- Education & Certification
- Localization
- Marketing
- Ombudsperson
- Security
- Server
- TYPO3 CMS Product Strategy Group
- typo3.org website
- User Experience (UX)
- The TYPO3 Project
- News +
- Our Products
- TYPO3 Association +
- The Brand +
- History
- Press +
- Licenses
- Technology Supporters