TYPO3 10.4.35

Release Notes

Version 10.4.35

Stay secure and up-to-date with TYPO3 ELTS!

The TYPO3 CMS community supported from 2020-04-21 until 2023-04-30.
Extend your support now until 2026-04-30 to get access to the latest security and compatibility updates for this version.

Learn more about TYPO3 ELTS Browse the TYPO3 ELTS Portal

Release Notes for TYPO3 CMS 10.4.35

This document contains information about TYPO3 CMS 10.4.35 which was released on 07.02.2023.

Get TYPO3 10.4.35 now


This release is a combined bug fix and security release.

Find more details in the security bulletins:

Read TYPO3 10.4.35 Release News

Checksums of TYPO3 10.4.35


d9eed241e2b24f9b6974e9dee3502dede66fe849c5e9e57caa3f267bf6095c8d typo3_src-10.4.35.tar.gz
5d172d99f90a671c6f6cc318aa803384d51a13746f067c5732991cba8a3c4cca typo3_src-10.4.35.zip


9726bd5a4e429de97f9da6e5f70cff885aee7bb7 typo3_src-10.4.35.tar.gz
0ab02600b30f24b9a9a7979a7942d9759ae156ed typo3_src-10.4.35.zip


f8aef006a9df28d3283193e1f52c6584 typo3_src-10.4.35.tar.gz
861a99259b646ce4c428aa0724f1fc5d typo3_src-10.4.35.zip


The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.


Here is a list of what was fixed since 10.4.34:

  • 2023-02-07 e4ebf17a48 [RELEASE] Release of TYPO3 10.4.35 (thanks to Oliver Hader)
  • 2023-02-07 fa9832df37 [SECURITY] Prevent XSS due to wrong PATH_INFO evaluation (thanks to Benjamin Franzke)
  • 2023-02-07 81473ac376 [TASK] Improve comments and readability in PageArgumentValidator (thanks to Benjamin Franzke)
  • 2023-02-07 1022a0c211 [BUGFIX] Avoid disabling page caches when having cHash validation enforced (thanks to Oliver Hader)
  • 2023-02-06 5e1585ea79 [BUGFIX] Enforce validation when no cHash is given (thanks to Benni Mack)
  • 2023-01-23 b882674239 [BUGFIX] Accessing unavailable site config triggers notice instead of warning (thanks to Helmut Hummel)
  • 2023-01-18 553c43b692 [BUGFIX] Avoid logging of invalid locales in site configuration (thanks to Benni Mack)
  • 2023-01-17 317cb7c6d9 [BUGFIX] Allow CSP inline styles in directly requested SVG files (thanks to Oliver Hader)
  • 2023-01-06 5635ca42de [BUGFIX] Fix array access warning in SystemStatusUpdateTask (thanks to Helmut Hummel)
  • 2023-01-06 35b4fbeb35 [TASK] Update copyright year in README.md and INSTALL.md (thanks to Torben Hansen)
  • 2022-12-22 3b36263910 [BUGFIX] Remove unneeded quote (thanks to Georg Ringer)
  • 2022-12-15 f94acb81fa [TASK] Set TYPO3 version to 10.4.35-dev (thanks to Oliver Hader)