-
TYPO3-PSA-2021-001: Sensitive links in search results of TYPO3 extension indexed_search
Categories: Development, TYPO3 CMSAdvisory type: Public Service AnnouncementsRead moreIt has been discovered that the TYPO3 extension “Indexed Search” may index sensitive links under certain conditions.
-
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is susceptible to information disclosure.
-
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-CORE-SA-2021-010: Cross-Site Scripting in Query Generator & Query View
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-CORE-SA-2021-009: Cross-Site Scripting in Page Preview
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-EXT-SA-2021-007: Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Bootstrap Package" (bootstrap_package) is susceptible to Cross-Site Scripting.
-
TYPO3-EXT-SA-2021-006: Server-side request forgery in extension "Yoast SEO for TYPO3" (yoast_seo)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Yoast SEO for TYPO3" (yoast_seo) is susceptible to Server-side request forgery (SSRF).
-
TYPO3-EXT-SA-2021-005: SQL Injection in extension "Dynamic Content Element" (dce)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Dynamic Content Element" (dce) is susceptible to SQL Injection.
-
TYPO3-EXT-SA-2021-004: Cross-Site Scripting in extension "2 Clicks for External Media" (media2click)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "2 Clicks for External Media" (media2click) is susceptible to Cross-Site Scripting.
-
TYPO3-CORE-SA-2021-008: Cross-Site Scripting in Content Preview
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.