News System

EXPANDING-TYPO3-WITH-YOUR-HELP-THIS-SPRING: Expanding TYPO3 with your help this spring

If you’re reading this article, you’re likely...

LAND-HO-FEATURE-FREEZE-AHEAD: Land ho! Feature Freeze Ahead!

TYPO3 v10.2 in December 2019 marked the last...

THE-TYPO3-MARKETING-TEAMS-2020-VISION: The TYPO3 Marketing Team's 2020 Vision

Create. Communicate. Contribute.

Under our newly...

TYPO3-DEVELOPERS-GET-CERTIFIED: TYPO3 Developers—Get Certified!

The TYPO3 Association launched the official TYPO3...

21-APRIL-2020-TYPO3-V10-LTS-RELEASE-AND-PARTY: 21 April 2020: TYPO3 v10 LTS Release and Party

The General Assembly is only the second reason why...

TYPO3-EXT-SA-2019-023: CSRF in extension "femanager" (femanager)

  • Release Date: December 17, 2019
  • Component Type:...

TYPO3-EXT-SA-2019-021: Cross Site Scripting in extension "File List" (file_list)

  • Release Date: December 17, 2019
  • Component Type:...

TYPO3-EXT-SA-2019-019: Multiple vulnerabilities in extension "MKSamlAuth" (mksamlauth)

  • Release Date: December 17, 2019
  • Component Type:...

TYPO3-CORE-SA-2019-026: Insecure Deserialization in Query Generator & Query View

  • Component Type: TYPO3 CMS
  • Subcomponent: Query...

TYPO3-CORE-SA-2019-025: SQL Injection in low-level Query Generator

  • Component Type: TYPO3 CMS
  • Subcomponent: Query...

TYPO3-CORE-SA-2019-024: Directory Traversal on ZIP extraction

  • Component Type: TYPO3 CMS
  • Subcomponent:...

TYPO3-CORE-SA-2019-023: Cross-Site Scripting in Filelist Module

  • Component Type: TYPO3 CMS
  • Subcomponent:...

TYPO3-CORE-SA-2019-022: Cross-Site Scripting in Link Handling

  • Component Type: TYPO3 CMS
  • Subcomponent: Link...

TYPO3-CORE-SA-2019-021: Cross-Site Scripting in Form Framework validation handling

  • Component Type: TYPO3 CMS
  • Subcomponent: Form...

TYPO3-PSA-2019-011: Possible Insecure Deserialization in Extbase Request Handling

  • Component Type: TYPO3 CMS
  • Subcomponent: Extbase...

TYPO3-PSA-2019-010: Cross-Site Scripting Vulnerabilities in File Upload Handling

It has been discovered that TYPO3 is susceptible...

BUDGET-IDEAS-FOR-20190: Announcing Selected Budget Ideas for 2020

The TYPO3 Association Budget Committee made a...

TYPO3-VERSION-102-TREASURE-HUNTING: TYPO3 Version 10.2 — Treasure Hunting!

TYPO3 v10.2 is out now — the last sprint release...

TYPO3-INITIATIVE-WEEK-INSIDER-REPORT: TYPO3 Initiative Week—Insider Report

24 participants from 8 initiatives met for 1 week...