[TYPO3-announce] [Ticket#2010090210000013] Security issues in several third-party TYPO3 extensions

TYPO3 Security Team security at typo3.org
Thu Sep 2 12:51:54 CEST 2010

Dear TYPO3 users,

Several vulnerabilities have been found in the following third-party TYPO3
Commenting system Backend Module (commentsbe)
Tiny Market (hm_tinymarket)
Yet Another Calendar (ke_yac)
The official twitter tweet button for your page (tweetbutton)
XING Button (xing)

For further information on all CSB (Collective Security Bulletin) issues,
please read the related advisory TYPO3-SA-2010-018 that was published today:

In general the TYPO3 Security Team recommends to read the following pages:

The TYPO3 Security Cookbook:

Make sure you are subscribed to the TYPO3 Announce List:

See all TYPO3 security advisories:


Marcus Krause
Member of the TYPO3 Security Team

TYPO3 Security Team homepage: [1]http://typo3.org/teams/security/

E-Mail: security at typo3.org

Please note: When replying to this e-mail, please leave the header intact.

[1] http://typo3.org/teams/security/

More information about the TYPO3-announce mailing list