Typo 3 extensions get security update
Typo 3's developers have issued a security advisory for two Typo 3 extensions, phpMyAdmin and freeCap CAPTCHA, which are not part of the core distribution of Typo 3. Both extensions have been found to have cross site scripting related vulnerabilities.
The phpMyAdmin extension has been fixed and updated to version 3.4.0, while the freeCap CAPTCHA extension has been fixed in version 1.0.4. Both updated extensions are available now through the Typo extension manager and on the Type3 extensions site. Users are advised to update these extensions as soon as possible.
- Cross-Site Scripting vulnerability in extension phpMyAdmin (phpmyadmin)
- Cross-Site Scripting vulnerability in extension freeCap CAPTCHA (sr_freecap)