[TYPO3-announce] Security issues in several third party TYPO3 extensions

Security Team security at typo3.org
Wed Aug 11 09:15:23 CEST 2010

Dear TYPO3 users,

Several vulnerabilities have been found in the following third party  

Event (event)
Fe user statistic (festat)
JW Calendar (jw_calendar)
Questionnaire (ke_questionnaire)
Branchenbuch [Yellow Pages] (mh_branchenbuch)
Webkit PDFs (webkitpdf)
xaJax Shoutbox (vx_xajax_shoutbox)

For further information on all CSB (Collective Security Bulletin)  
please read the related advisory TYPO3-SA-2010-015 that was published  

In general the TYPO3 Security Team recommends to read the following  

The TYPO3 Security Cookbook:

Make sure you are subscribed to the TYPO3 Announce List:

See all TYPO3 security advisories:


Helmut Hummel
Member of the TYPO3 Security Team

TYPO3 Security Team homepage: http://typo3.org/teams/security/

E-Mail: security at typo3.org

More information about the TYPO3-announce mailing list