Security Advisories
All Advisories
TYPO3-CORE-SA-2016-005: XML External Entity (XXE) Processing in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to XML External Entity Processing
TYPO3-CORE-SA-2016-004: Cross-Site Scripting in form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2016-003: Cross-Site Scripting in legacy form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2016-002: Cross-Site Scripting in link validator component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2016-001: SQL Injection in dbal
It has been discovered, that TYPO3 is susceptible to SQL Injection
TYPO3-CORE-SA-2015-015: Cross-Site Scripting in TYPO3 component Indexed Search
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2015-014: TYPO3 is susceptible to Cross-Site Flashing
It has been discovered, that TYPO3 is susceptible to Cross-Site Flashing
TYPO3-CORE-SA-2015-013: Multiple Cross-Site Scripting vulnerabilities in frontend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2015-012: Cross-Site Scripting vulnerability in typolinks
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2015-011: Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-CORE-SA-2015-010: Cross-Site Scripting in TYPO3 component Extension Manager
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
TYPO3-EXT-SA-2015-022: Arbitrary Code Execution in extension "MK Forms" (mkforms)
It has been discovered that the extension "MK Forms" (mkforms) is susceptible to Arbitrary Code Execution
TYPO3-EXT-SA-2015-021: SQL Injection in extension "http:BL Blocking" (mh_httpbl)
It has been discovered that the extension "http:BL Blocking" (mh_httpbl) is susceptible to SQL Injection.
TYPO3-EXT-SA-2015-020: Cross-Site Request Forgery in extension "Typo3 Quixplorer" (t3quixplorer)
It has been discovered that the extension "Typo3 Quixplorer" (t3quixplorer) is susceptible to Cross-Site Request Forgery.
TYPO3-EXT-SA-2015-019: File Disclosure in extension "Zend Framework Integration" (zend_framework)
It has been discovered that the extension "Zend Framework Integration" (zend_framework) is susceptible to File Disclosure.
TYPO3-EXT-SA-2015-018: Information Disclosure in extension "Adminer" (t3adminer)
It has been discovered that the extension "Adminer" (t3adminer) is susceptible to Information Disclosure.
TYPO3-EXT-SA-2015-017: Cross-Site Scripting in extension "News system" (news)
It has been discovered that the extension "News system" (news) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2015-016: Information Disclosure in extension "LDAP" (eu_ldap)
It has been discovered that the extension "LDAP" (eu_ldap) is susceptible to Information Disclosure.
TYPO3-CORE-SA-2015-009: Non-Persistent Cross-Site Scripting
It has been discovered, that TYPO3 is susceptible to Non-Persistent Cross-Site Scripting
TYPO3-CORE-SA-2015-008: Unauthenticated Path Disclosure
It has been discovered, that TYPO3 is susceptible to unauthenticated path disclosure.