[TYPO3-announce] Security issues in several third party TYPO3 extensions including sr_feuser_register
Henning Pingel
henning at typo3.org
Mon Apr 6 07:27:52 CEST 2009
Dear users of TYPO3,
Security vulnerabilities have been discovered in the following third
party TYPO3 extensions:
"Frontend User Registration" (sr_feuser_register),
"A21glossary Advanced Output" (a21glossary_advanced_output),
"ClickStream Analyzer (output)" (alternet_csa_out),
"Directory Listing" (dir_listing),
"Store Locator" (locator),
"Userdata Create/Edit" (sg_userdata),
"Versatile Calendar Extension (VCE)" (sk_calendar),
"ultraCards" (th_ultracards),
"Visitor Tracking" (ws_stats)
For further information on the extension "Frontend User Registration"
(sr_feuser_register), please read the related advisory TYPO3-SA-2009-004:
<http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004/>
Regarding all other extensions listed above, please read the advisory
TYPO3-SA-2009-005 (which is a Collective Security Bulletin):
<http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-005/>
In general, the TYPO3 Security Team recommends to read the following pages:
The TYPO3 Security Cookbook:
<http://typo3.org/fileadmin/security-team/typo3_security_cookbook_v-0.5.pdf>
Make sure you are subscribed to the TYPO3 Announce List:
<http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-announce>
See all TYPO3 security advisories:
<http://typo3.org/teams/security/security-bulletins/>
Regards,
Henning Pingel
henning at typo3.org
More information about the TYPO3-announce
mailing list