It has been discovered that TYPO3 CMS is susceptible to open redirect.

It has been discovered that the extension "TYPO3 Backup Plus" (ns_backup) is susceptible to Command Injection.

Third-party package enshrined/svg-sanitize, used by TYPO3 core packages, was susceptible to bypassing the sanitization strategy.

It has been discovered that the extension "femanager" (femanager) is susceptible to Insecure Direct Object Reference.

It has been discovered that the extension "powermail" (powermail) is susceptible to Insecure Direct Object Reference.

It has been discovered that the extension "Front End User Registration" (sr_feuser_register) is susceptible to Remote Code Execution and Insecure…

It has been discovered that the extension "Backup Plus" (ns_backup) is susceptible to Command Injection, Predictable Resource Location and Cross-Site…

It has been discovered that the extension "femanager" (femanager) is susceptible to Insecure Direct Object Reference.

It has been discovered that the extension "[clickstorm] SEO" (cs_seo) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Download manager" (reint_downloadmanager) is susceptible to Insecure Direct Object Reference.