Zum Hauptinhalt springen

Nachrichten

Meet Daniel Homorodean, TYPO3 Expansion Leader, Romania (Application Podcast S2E03)

 

 

Listen to the full interview in the audio player here, watch the interview video below, where you’ll also find a full transcript of our…

TYPO3 10.4.20, 9.5.30 and 11.3.3 maintenance releases published

 

 

The following TYPO3 updates have been released:

  • TYPO3 10.4.20 LTS
  • TYPO3 9.5.30 LTS
  • TYPO3 11.3.3

These versions are maintenance…

About the Latest TYPO3 Core Security Release

 

 

We in the TYPO3 Core Team and Security Team were happy that the release had finally solved this long-standing, severe issue with a…

Report From “QA Best Practices Usable by Community” (August 2021)

 

 

The whole outcome, and current process, is available in Gitlab and at Github.

This report will only cover the biggest topics, not every…

TYPO3-EXT-SA-2021-014: SQL Injection in extension "Newsletter" (newsletter)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-013: Multiple vulnerabilities in Extension "Dated News" (dated_news)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-012: Cross Site Scripting in Extension "Yoast SEO for TYPO3" (yoast_seo)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-011: Multiple vulnerabilities in Extension "Miniorange Saml" (miniorange_saml)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-010: Cross-Site Scripting in Extension "femanager" (femanager)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-009: Denial of Service in Extension "Deferred image processing" (deferred_image_processing)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3-EXT-SA-2021-008: Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)

 

 

 

  • Release Date: August 10, 2021
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
TYPO3 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 security releases published

 

 

Know side-effects in recent releases

 

updated Wed, Aug 11th 2021, 08:30 UTC

Integrating a new HTML sanitizer to avoid cross-site…

TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Content Rendering, HTML Parser (ext:frontend, ext:core)
  • Release Date: August 10, 2021
  • Vuln…
The TYPO3 Demo Project Meets Hebrew

 

 

One of TYPO3's main strengths is its multilingual capabilities. It is built with international audiences in mind. TYPO3 has long…

Documentation Restructuring—Status Update

 

 

Visit the New Documentation Home Page

We collected feedback from a range of different users to gather their opinions and find out what…

TYPO3 11.3.1, 10.4.18, 9.5.28, 8.7.41, 7.6.52 security releases published

 

 

The following TYPO3 updates have been released:

  • TYPO3 11.3.1
  • TYPO3 10.4.18 LTS
  • TYPO3 9.5.28 LTS
  • TYPO3 8.7.41 ELTS
  • TYPO3 7.6.52…
TYPO3-PSA-2021-002: CSV Code Injection

 

 

 

  • Component Type: 3rd party extensions (not being part of TYPO3 default installation)
  • Release Date: July 20, 2021
  • Impact: CSV Code…
TYPO3-PSA-2021-001: Sensitive links in search results of TYPO3 extension indexed_search

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Indexed Search (ext:indexed_search)
  • Release Date: July 20, 2021
  • Impact: Information…
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: User Authentication (ext:core)
  • Release Date: July 20, 2021
  • Vulnerability Type: Information…
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Backend Grid View (ext:backend)
  • Release Date: July 20, 2021
  • Vulnerability Type: Cross-Site…
TYPO3-CORE-SA-2021-010: Cross-Site Scripting in Query Generator & Query View

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Query Generator & Query View (ext:lowlevel, ext:core)
  • Release Date: July 20, 2021
  • Vulnerab…
TYPO3-CORE-SA-2021-009: Cross-Site Scripting in Page Preview

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Page Preview (ext:viewpage)
  • Release Date: July 20, 2021
  • Vulnerability Type: Cross-Site…
Reinventing Enterprise Certifications

 

 

Let’s take a look at the pros and cons of established certification structures on the enterprise market today.

Pros

  • Certifications…
Meet Daniel Siepmann, Germany (Application Podcast S2E02)

 

 

Listen to the full interview in the audio player here, watch the interview video below, where you’ll also find a full transcript of our…

TYPO3 Version 11.3—Outside the Milky Way

We have come so far, left the Milky Way behind us, and are en route to our target destination. The release date of the next TYPO3 long-term support…

Renaming the TYPO3 Github Repository

 

 

The original naming scheme comes from a time where we had to distinguish between TYPO3 (the CMS) and the Flow/Neos packages. As time…

Meet Annett Jähnichen, Germany (Application Podcast S2E01)

 

 

Listen to the full interview in the audio player here, watch the interview video below, where you’ll also find a full transcript of our…

TYPO3 Online Days 2021 Program

 

 

The COVID-19 pandemic has meant that many of us cannot meet in person. 

Our beloved TYPO3 Developer Days, the TYPO3 Conference, and the…

Meet Jens Liesegang, the TYPO3 Association's Lawyer

 

 

Luisa Faßbender sat down with Jens to learn more about him and what brought him to TYPO3. 

The interview took place on 25 May 2021 via…

TYPO3 10.4.17 maintenance release published

 

 

The following TYPO3 update has been released:

  • TYPO3 10.4.17 LTS

This version is a maintenance release only.

Further upgrade…