[Ticket#2013060310000039] Security issues in several third party TYPO3 extensions including powermail and multishop
Dear TYPO3 users, Several vulnerabilities have been found in the following third party TYPO3 extensions: powermail (powermail) Multishop (multishop) meta_feedit (meta_feedit) Library for Frontend plugins (sg_zfelib) Library for Frontend plugins (sg_zlib) Accessible browse results for indexed search (accessible_is_browse_results) Maag Form Captcha (maag_formcaptcha) SB Folderdownload (sb_folderdownload) TEQneers SEO Enhancements (tq_seo) jQuery autocomplete for indexed_search (rzautocomplete) For further information on the issue in the extension "powermail" (powermail), please read the related advisory TYPO3-EXT-SA-2013-006 that was published today: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa- 2013-006/ For further information on the issue in the extension "Multishop" (multishop), please read the related advisory TYPO3-EXT-SA-2013-010 that was published today: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa- 2013-010/ For further information on all CSB (Collective Security Bulletin) issues, please read the related advisory TYPO3-EXT-SA-2013-007 that was published today: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa- 2013-007/ In general the TYPO3 Security Team recommends to read the following pages: The TYPO3 Security Guide: http://typo3.org/documentation/document-library/extension- manuals/doc_guide_security/current/ Make sure you are subscribed to the TYPO3 Announce List: http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce See all TYPO3 security advisories for TYPO3 third party extensions: http://typo3.org/teams/security/security-bulletins/typo3-extensions/ Regards, Marcus Krause Member of the TYPO3 Security Team -- TYPO3 Security Team homepage: http://typo3.org/teams/security/ E-Mail: security@typo3.org Please note: When replying to this e-mail, please leave the header intact.