3 matches found
CVE-2019-16698
The directmail aka Direct Mail extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user with restricted permissions to the feusers table to view and export data of frontend users who are subscribed to a newsletter...
CVE-2019-16698
The CVE-2019-16698 issue affects the TYPO3 Direct Mail extension (direct_mail) up to version 5.2.2. A missing access check in the backend module allows a user with restricted permissions (to fe_users) to view and export data of frontend newsletter subscribers. The condition is an information-disc...
CVE-2019-16698
The directmail aka Direct Mail extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user with restricted permissions to the feusers table to view and export data of frontend users who are subscribed to a newsletter...