Security Advisories

TYPO3-EXT-SA-2013-001: Several vulnerabilities in third party extensions

11.01.2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: news, onetimeaccount, phpunit, div2007, t3mootools, t3jquery,…

TYPO3-EXT-SA-2012-013: Several Vulnerabilities in extension commerce (commerce)

21.12.2012

It has been discovered that the extension commerce (commerce) is vulnerable to Cross Site Scripting.

TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core

08.11.2012

It has been discovered that TYPO3 Core is vulnerable to SQL Injection, Information Disclosure and Cross-Site Scripting

TYPO3-EXT-SA-2012-012: Several Vulnerabilities in extension Formhandler (formhandler)

25.10.2012

It has been discovered that the extension Formhandler (formhandler) is vulnerable to SQL-Injection and Cross-Site Scripting.

TYPO3-CORE-SA-2012-004: Several Vulnerabilities in TYPO3 Core

15.08.2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code…

TYPO3-EXT-SA-2012-011: Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)

08.08.2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to Cross-Site Scripting, SQL Injection and Arbitrary Code Execution.

TYPO3-CORE-SA-2012-003: Cross-Site Scripting Vulnerability in TYPO3 Core

04.07.2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting.

TYPO3-EXT-SA-2012-010: Cross-site scripting vulnerability in extension Seminars (seminars)

03.07.2012

It has been discovered that the extension "Seminars" (seminars) is vulnerable to cross-site scripting.

TYPO3-EXT-SA-2012-009: Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)

07.06.2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to cross-site scripting.

TYPO3-EXT-SA-2012-008: Cross-site scripting vulnerability in extension Ameos Formidable (ameos_formidable)

07.06.2012

It has been discovered that the extension "Ameos Formidable" (ameos_formidable) is vulnerable to cross-site scripting.

TYPO3-EXT-SA-2012-007: SQL Injection vulnerability in extension Basic SEO Features (seo_basics)

07.06.2012

It has been discovered that the extension "Basic SEO Features" (seo_basics) is vulnerable to SQL Injection.

TYPO3-CORE-SA-2012-002: Cross-Site Scripting Vulnerability in TYPO3 Core

17.04.2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting.

SECURITY-ISSUES-FOUND-IN-TYPO3-CORE-1: Security issues found in TYPO3 core

28.03.2012

It has been discovered that the TYPO3 Core is vulnerable to Cross-Site Scripting, Insecure Unserialize and Information Disclosure. Please read the…

TYPO3-EXT-SA-2012-006: Cross-Site Scripting vulnerability in extension Basic SEO Features (seo_basics)

28.03.2012

It has been discovered that the extension "Basic SEO Features" (seo_basics) is vulnerable to Cross-Site Scripting

TYPO3-EXT-SA-2012-005: Several vulnerabilities in third party extensions

28.03.2012

Several vulnerabilities have been found in the following third-party TYPO3 extensions: fe_whois, cag_tables, additional_reports, general_data_display,…

TYPO3-EXT-SA-2012-004: Cross-Site Scripting vulnerability in extension powermail for TYPO3 (powermail)

28.03.2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to Cross-Site Scripting

TYPO3-CORE-SA-2012-001: Several Vulnerabilities in TYPO3 Core

28.03.2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize

SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-FRONTEND-USER-REGISTRATION-SR-FEUSER-REGISTER: Security issues in several third party TYPO3 extensions including "Frontend User Registration" (sr_feuser_register)

23.02.2012

Security vulnerabilities have been discovered in the third party TYPO3 extensions including: sr_feuser_register tkcropthumbs, t3extplorer,…

TYPO3-EXT-SA-2012-003: Several vulnerabilities in third party extensions

23.02.2012

Several vulnerabilities have been found in the following third-party TYPO3 extensions: tkcropthumbs, t3extplorer, tc_beuser, an_predigten, solr,…

TYPO3-EXT-SA-2012-002: Information disclosure vulnerabilities in extension "Front End User Registration" (sr_feuser_register)

23.02.2012

It has been discovered that the extension "Front End User Registration" (sr_feuser_register) is vulnerable to information disclosure