What is the first step when you discover a security vulnerability in a non-core TYPO3 extension? (1)
Contact the author of the extension
Inform the TYPO3 Security Team under security@typo3.org
Inform the TYPO3 Association under association@typo3.org
Fix the issue yourself and publish the patch in a Git repository at GitHub
Post a message to the Twitter account of the TYPO3 Security Team
How should a developer stay up-to-date about security issues in the TYPO3 ecosystem? (1)
By following the Twitter channel “@typo3_security”
By checking the TYPO3 website from time to time
By subscribing to the Slack channel “#security”
By subscribing to the mailing list “typo3-announce”
By checking the TYPO3 review system frequently