News-Feeds:
Sponsors
30.07.09 09:47 Age: 3 yrs
Security issues in several third party TYPO3 extensions including cooluri, cwt_resetbepassword, datamints_newsticker, gb_fenewssubmit, mailform, myth_download, pm_tour, twittersearch, ws_ecard, ws_gallery
Category: Security, www.typo3.org
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker" (datamints_newsticker), "[Gobernalia] Front End News Submitter" (gb_fenewssubmit), "Mailform" (mailform), "Myth download" (myth_download), "Tour Extension" (pm_tour), "Twitter Search" (twittersearch), "Webesse E-Card" (ws_ecard), "Webesse Image Gallery" (ws_gallery)
For further information on the issues of the extensions listed above, please read the advisory TYPO3-SA-2009-010 (that represents a Collective Security Bulletin):
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/
In general the TYPO3 Security Team recommends you to read the following pages:
The TYPO3 Security Cookbook:
http://typo3.org/fileadmin/security-team/typo3_security_cookbook_v-0.5.pdf
Make sure you are subscribed to the TYPO3 Announce List:
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-announce
See all TYPO3 security bulletins:
http://typo3.org/teams/security/security-bulletins/
comments
No comments yet. Be the first to comment on this!
Add comment