-
TYPO3-CORE-SA-2019-026: Insecure Deserialization in Query Generator & Query View
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
-
TYPO3-CORE-SA-2019-025: SQL Injection in low-level Query Generator
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to SQL injection.
-
TYPO3-CORE-SA-2019-024: Directory Traversal on ZIP extraction
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to directory traversal.
-
TYPO3-CORE-SA-2019-023: Cross-Site Scripting in Filelist Module
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-CORE-SA-2019-022: Cross-Site Scripting in Link Handling
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting in Link Handling.
-
TYPO3-CORE-SA-2019-021: Cross-Site Scripting in Form Framework validation handling
Categories: DevelopmentAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-PSA-2019-011: Possible Insecure Deserialization in Extbase Request Handling
Categories: DevelopmentAdvisory type: Public Service AnnouncementsRead moreIt has been discovered that TYPO3 CMS can be vulnerable to insecure deserialization.
-
TYPO3-PSA-2019-010: Cross-Site Scripting Vulnerabilities in File Upload Handling
Categories: DevelopmentAdvisory type: Public Service AnnouncementsRead moreIt has been discovered that TYPO3 is susceptible to cross-site scripting.
-
TYPO3-PSA-2019-009: Truncated passwords during authentication process on typo3.org services
Categories: CommunityAdvisory type: Public Service AnnouncementsRead moreIt has been discovered that passwords were truncated during authentication process on typo3.org services.
-
TYPO3-EXT-SA-2019-018: Remote Code Execution in extension "freeCap CAPTCHA" (sr_freecap)
Categories: DevelopmentAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "freeCap CAPTCHA" (sr_freecap) is susceptible to Remote Code Execution.