TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. An attacker could abuse the form to send mails to arbitrary email addresses.
bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
github.com/TYPO3-CMS/frontend
github.com/TYPO3/typo3/commit/34da374183dd472fa7987ee25b47544a06bd2173
github.com/TYPO3/typo3/commit/5eb60976cea268b879e02811208e6a1777674cbb
github.com/TYPO3/typo3/commit/78dbe326df7ebc612f40882920a426c82b2ca9d3
github.com/TYPO3/typo3/commit/f82696c7d62842edb0bf79ef21a85d56735a1527
nvd.nist.gov/vuln/detail/CVE-2010-3667
security-tracker.debian.org/tracker/CVE-2010-3667
typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse