-
TYPO3-EXT-SA-2020-009: Cross-Site Scripting in extension "Faceted Search" (ke_search)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Faceted Search" (ke_search) is susceptible to Cross-Site Scripting.
-
TYPO3-CORE-SA-2020-006: Same-Origin Request Forgery to Backend User Interface
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to same-origin request forgery.
-
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
-
TYPO3-EXT-SA-2020-008: Cross-Site Scripting in "SVG Sanitizer" (svg_sanitizer)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "SVG Sanitizer" (svg_sanitizer) is vulnerable to Cross-Site Scripting.
-
TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
-
TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-EXT-SA-2020-007: Sensitive Data Exposure in extension "Job Fair" (jobfair)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Job Fair" (jobfair) is susceptible to Sensitive Data Exposure.
-
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-EXT-SA-2020-006: Broken Access Control in extension "gForum" (g_forum)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "gForum" (g_forum) is susceptible to Broken Access Control.
-
TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is susceptible to information disclosure.