Security issues in third party TYPO3 extensions

It's not too often that you see notices from the TYPO3 group on security issues related to their CMS framework. That's why their notice last week about various security issues with several third party TYPO3 extensions caught my attention.

Several vulnerabilities have been found in the following third party TYPO3 extensions:

  • Virtual Civil Services (civserv)
  • Modern Guestbook / Commenting system (ve_guestbook)
  • CWT Community (cwt_community)
  • FrontEnd MP3 Player (fe_mp3player)
  • Search In Tables (fesearchintable)
  • Content Search (gst_contentsearch)
  • Multilingual Alias (multilingual_alias)
  • Myth Repository (myth_repository)
  • References database (t3references)

Further information on the security issues can be found at TYPO3.