SQL Injection in extension "News system" (news)

PKSA-grgc-xpj3-tvw1 CVE-2026-8726

Affected version: <11.4.4|>=12.0.0,<12.3.2|>=13.0.0,<13.0.2|>=14.0.0,<14.0.3

Reported by:
FriendsOfPHP/security-advisories

[HIGH] News system (news) extension for TYPO3 vulnerable to SQL Injection

PKSA-2ktg-wj2w-tkj8 CVE-2013-4748 GHSA-rg6g-v4xm-g49q

Affected version: <1.3.3

Reported by:
GitHub