http://news.typo3.org/ news.typo3.org: The TYPO3 news resource en http://news.typo3.org/fileadmin/news.typo3.org/xmlicon.gif http://news.typo3.org/ 88 31 news.typo3.org: The TYPO3 news resource http://backend.userland.com/rss091 Fri, 19 Mar 2010 11:57:00 +0100 http://news.typo3.org/news/article/security-issue-in-third-party-typo3-extension-calendar-base-cal/ A security vulnerabilitiy has been discovered in the third party TYPO3 extension "Calendar Base". http://news.typo3.org/news/article/security-issues-found-in-typo3-core/ It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Authentication Bypass for frontend users and Information Disclosure. http://news.typo3.org/news/article/security-issues-in-third-party-typo3-extension-t3blog/ Security vulnerabilities have been discovered in third party TYPO3 extensions t3blog, eventmanagement, game_articledb, ml_career, ml_surprisecalendar, searchajaxgoogle and spr_downloadmanager http://news.typo3.org/news/article/security-issue-found-in-typo3-430-core/ It has been discovered that using the openid system extension in TYPO3 4.3.0 can lead to an authentication bypass under certain circumstances. http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-1/ Security vulnerabilities have been discovered in following third party TYPO3 extensions: MK-AnydropdownMenu (mk_anydropdownmenu), Photo Book (goof_fotoboek), SB Folderdownload (sb_folderdownload),... http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-car-aba-watchdog-dr-blob-nl-lis/ Security vulnerabilities have been discovered in following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List... http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-phpmyadmin-solr-maag-randomimage/ Security vulnerabilities have been discovered in following third party TYPO3 extensions: "Calendar Base" (cal), "Direct Mail" (direct_mail), "[AN] Search it!" (an_searchit), "Simple download-system... http://news.typo3.org/news/article/multiple-security-issues-found-in-typo3-core-1/ It has been discovered that the TYPO3 Core is vulnerable to Cross-site scripting, SQL-Injection, Remote shell command execution, Information Disclosure and insecure Install Tool... http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-commerce-and-t3m/ Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m), "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch"... http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-cooluri-cwt-resetbepassword-data/ Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker"...