Structured Content Initiative—What Happened Between November 2020 and August 2021?
The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3…
Extension Award for Documentation
Extensions play an important role for the success of TYPO3. Documentation plays an important role for the success of an extension.
To…
Removal of Community Extensions From forge.typo3.org
In the past, Forge was a place where a community extension could host its issues, news, internal documents, and a wiki. It was also a…
Meet Daniel Homorodean, TYPO3 Expansion Leader, Romania (Application Podcast S2E03)
Listen to the full interview in the audio player here, watch the interview video below, where you’ll also find a full transcript of our…
TYPO3 10.4.20, 9.5.30 and 11.3.3 maintenance releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.20 LTS
- TYPO3 9.5.30 LTS
- TYPO3 11.3.3
These versions are maintenance…
About the Latest TYPO3 Core Security Release
We in the TYPO3 Core Team and Security Team were happy that the release had finally solved this long-standing, severe issue with a…
TYPO3-EXT-SA-2021-014: SQL Injection in extension "Newsletter" (newsletter)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-013: Multiple vulnerabilities in Extension "Dated News" (dated_news)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-012: Cross Site Scripting in Extension "Yoast SEO for TYPO3" (yoast_seo)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-011: Multiple vulnerabilities in Extension "Miniorange Saml" (miniorange_saml)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-010: Cross-Site Scripting in Extension "femanager" (femanager)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-009: Denial of Service in Extension "Deferred image processing" (deferred_image_processing)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-EXT-SA-2021-008: Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)
- Release Date: August 10, 2021
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. …
TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content
- Component Type: TYPO3 CMS
- Subcomponent: Content Rendering, HTML Parser (ext:frontend, ext:core)
- Release Date: August 10, 2021
- …
TYPO3 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 security releases published
Know side-effects in recent releases
updated Wed, Aug 11th 2021, 08:30 UTC
Integrating a new HTML sanitizer to avoid cross-site…
The TYPO3 Demo Project Meets Hebrew
One of TYPO3's main strengths is its multilingual capabilities. It is built with international audiences in mind. TYPO3 has long…