Zum Hauptinhalt springen

Nachrichten

TYPO3-EXT-SA-2020-012: Cross-Site Scripting in extension "Google reCAPTCHA (v2/v3)" (jh_captcha)
  • Release Date: July 07, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
TYPO3-EXT-SA-2020-011: Remote Code Execution in extension "Turn!" (turn)
  • Release Date: July 07, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
TYPO3-EXT-SA-2020-010: Broken Access Control in extension "typo3_forum" (typo3_forum)
  • Release Date: July 07, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
TYPO3 10.4.5 maintenance release published

The following TYPO3 update has been released:

  • TYPO3 10.4.5 LTS

This version is a maintenance release only.

Further upgrade instructions

No database…

TYPO3-EXT-SA-2020-009: Cross-Site Scripting in extension "Faceted Search" (ke_search)
  • Release Date: July 07, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
This Month in TYPO3 - May 2020 - Issue #17

Time flies! The release of TYPO3 v10 is already one month ago and the adoption rate is awesome which can be measured by over 400 compatible…

This Month in TYPO3 - April 2020 - Issue #16

April was marked by the long awaited release of TYPO3 v10 LTS. The feedback of the community so far is overwhelming and we have a rock stable new LTS…

A Special Call-Out for TYPO3 Market Research

Why Are We Doing This?

Marketing Team Lead Luisa laid out the 2020 Vision: to raise awareness, interest, and consideration for decision makers. In the…

TYPO3 v10 Community Content Roundup

You can also submit your links to the next edition of This Month in TYPO3.

Submit Your Link to This Month in TYPO3

And the Winner Is…

In the run up to…

Who Does What in the Association Board, 2020?

Check out the roles and responsibilities for the members of the TYPO3 Association Board in 2020.

Mentoring Digital Transformation with TYPO3

“That’s where my career started. People answered my silly questions on the web forums. They were helpful and friendly, and after some years I realized…

Recap from the First Online Marketing Sprint (Q2/2020)

The participants engaged in lively discussion and strategic planning for two days, in large group hangouts lasting three hours and subsequent breakout…

TYPO3 10.4.4 and 9.5.19 maintenance releases published

The following TYPO3 updates have been released:

  • TYPO3 10.4.4 LTS
  • TYPO3 9.5.19 LTS

Both versions are maintenance releases only.

Further upgrade…

TYPO3 Book Report—Who’s Writing the TYPO3 Book?

Sign Up to the TYPO3 Guidebook Mailing List

How did you get into technical writing, Felicity?

In my former life I was a business analyst, and I always…

TYPO3 Users, Please Let Us Know Your Feedback!

The TYPO3 Project has started to use G2.com, the tech marketplace, as a prominent place to show the TYPO3 Project to millions of business…

Structured Content Initiative—What happened in April? The survey results!

The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3 CMS. Read our…

TYPO3 10.4.3 and 9.5.18 maintenance releases published

The following TYPO3 updates have been released:

  • TYPO3 10.4.3 LTS
  • TYPO3 9.5.18 LTS

Both versions are maintenance releases only. They aim to reduce…

Report from the Board QSA—April 2020

Although the Board meets online every two weeks throughout the year, it is necessary with longer physical meetings for in-depth and strategic…

TYPO3-CORE-SA-2020-006: Same-Origin Request Forgery to Backend User Interface
  • Component Type: TYPO3 CMS
  • Subcomponent: Backend User Interface & Install Tool (ext:backend, ext:backend)
  • Release Date: May 12, 2020
  • Vulnerability…
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings
  • Component Type: TYPO3 CMS
  • Subcomponent: Backend User Interface (ext:backend)
  • Release Date: May 12, 2020
  • Vulnerability Type: Insecure…
TYPO3-EXT-SA-2020-008: Cross-Site Scripting in "SVG Sanitizer" (svg_sanitizer)
  • Release Date: May 12, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component: SVG…
TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized
  • Component Type: TYPO3 CMS
  • Subcomponent: Core (ext:core)
  • Release Date: May 12, 2020
  • Vulnerability Type: Insecure Deserialization
  • Affected…
TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling
  • Component Type: TYPO3 CMS
  • Subcomponent: Link Handling (ext:frontend)
  • Release Date: May 12, 2020
  • Vulnerability Type: Information Disclosure
  • Affec…
TYPO3-EXT-SA-2020-007: Sensitive Data Exposure in extension "Job Fair" (jobfair)
  • Release Date: May 12, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component: Job…
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
  • Component Type: TYPO3 CMS
  • Subcomponent: Form Engine (ext:backend)
  • Release Date: May 12, 2020
  • Vulnerability Type: Cross-Site Scripting
  • Affected…
TYPO3-EXT-SA-2020-006: Broken Access Control in extension "gForum" (g_forum)
  • Release Date: May 12, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset
  • Component Type: TYPO3 CMS
  • Subcomponent: Password Reset (ext:backend)
  • Release Date: May 12, 2020
  • Vulnerability Type: Information Disclosure
  • Affec…
TYPO3-EXT-SA-2020-005: Multiple vulnerabilities in extension "Direct Mail" (direct_mail)
  • Release Date: May 12, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…
TYPO3 10.4.2 and 9.5.17 security releases published

The following TYPO3 updates have been released:

  • TYPO3 10.4.2 LTS
  • TYPO3 9.5.17 LTS

Both versions are security releases and contain important…

TYPO3-EXT-SA-2020-004: SQL Injection in extension "phpMyAdmin" (phpmyadmin)
  • Release Date: May 12, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
  • Component:…