TYPO3-CORE-SA-2025-023: Information Disclosure via CSV Download
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-022: Information Disclosure in Workspaces Module
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-021: Broken Access Control in Backend AJAX Routes
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-020: Information Disclosure via File Abstraction Layer
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-019: Insufficient Entropy in Password Generation
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-018: Denial of Service in TYPO3 Bookmark Toolbar
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2025-017: Open Redirect in TYPO3 CMS
It has been discovered that TYPO3 CMS is…
TYPO3-EXT-SA-2025-011: Command Injection in extension "TYPO3 Backup Plus" (ns_backup)
It has been discovered that the extension "TYPO3…
TYPO3-PSA-2025-001: Sanitization bypass in SVG Sanitizer
Third-party package enshrined/svg-sanitize, used…
TYPO3-EXT-SA-2025-010: Insecure Direct Object Reference in extension "femanager" (femanager)
It has been discovered that the extension…
TYPO3-EXT-SA-2025-009: Insecure Direct Object Reference in extension "powermail" (powermail)
It has been discovered that the extension…
TYPO3-EXT-SA-2025-008: Multiple vulnerabilities in extension "Front End User Registration" (sr_feuser_register)
It has been discovered that the extension "Front…
TYPO3-EXT-SA-2025-007: Multiple vulnerabilities in extension "Backup Plus" (ns_backup)
It has been discovered that the extension "Backup…
TYPO3-EXT-SA-2025-006: Insecure Direct Object Reference in extension "femanager" (femanager)
It has been discovered that the extension…
TYPO3 13.1.1, 12.4.15 and 11.5.37 security releases published
The versions 13.1.1, 12.4.15 and 11.5.37 of the…
TYPO3-CORE-SA-2024-010: Uncontrolled Resource Consumption in ShowImageController
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2024-009: Cross-Site Scripting in ShowImageController
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2024-008: Cross-Site Scripting in Form Manager Module
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2024-007: HTML Injection in History Module
It has been discovered that TYPO3 CMS is…
Call for Community Budget Ideas (Q3/2024)
The TYPO3 Association has officially launched the…
The Comprehensive Guide to Enterprise CMS with TYPO3
The choice of an enterprise CMS should not be…
T3CON24 & TYPO3 Awards: Tickets, Award Submissions & Event Details
Register now for T3CON24 and the TYPO3 Awards.…
Results of Q1/2024 Community Budget Ideas
Significant progress for TYPO3: Rector rules,…