It has been discovered that TYPO3 CMS is vulnerable to cross-site-request-forgery.

It has been discovered that the extension"Newsletter" (newsletter) is susceptible to SQL Injection.

It has been discovered that the extension"Dated News" (dated_news) is susceptible to SQL Injection, Cross-Site Scripting, Information Disclosure and…

It has been discovered that the extension "Yoast SEO for TYPO3" (yoast_seo) is susceptible to Cross Site Scripting.

It has been discovered that the extension "Miniorange Saml" (miniorange_saml) is susceptible to Cross-Site Scripting, Sensitive Data Exposure and…

It has been discovered that the extension "femanager" (femanager) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Deferred image processing" (deferred_image_processing) is susceptible to Denial of Service.

It has been discovered that the extension “Extbase Yaml Routes” (routes) is susceptible to Sensitive Information Disclosure.

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.

It has been discovered that the TYPO3 extensions offering a CSV export might create CSV files that can contain formulas executed in external…