26 matches found
EUVD-2022-50172
Malicious code in bioql PyPI...
CVE-2022-47408
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...
GHSA-R44W-PFX8-28JV "Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...
"Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...
CVE-2022-47408
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...
CVE-2022-47411
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...
Design/Logic Flaw
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...
Design/Logic Flaw
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...
Design/Logic Flaw
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...
CVE-2022-47409
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...
CVE-2022-47408
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...
CVE-2022-47408
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that an attacker can unsubscribe everyone via a series of modified subscription uids in a deleteAction...
CVE-2022-47409
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...
CVE-2022-47410
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...
CVE-2022-47409
CVE-2022-47409 affects the TYPO3 fp_newsletter extension. The issue arises in the deleteAction, where attackers can unsubscribe everyone by manipulating series of subscription UIDs. Affected versions include: pre-1.1.1; 1.2.0; 2.x before 2.1.2; 2.2.1 through 2.4.0; and 3.x before 3.2.6. Impact is...
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that its subscriber's data can be obtained via an unsubscribeAction operation...
CVE-2022-47411
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...
CVE-2022-47411
The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...
CVE-2022-47408
CVE-2022-47408 – TYPO3 fp_newsletter CAPTCHA bypass is documented across multiple sources. The vulnerability affects the fp_newsletter (Newsletter subscriber management) extension for TYPO3, with affected versions ranging from 1.0 through 1.1.0, 1.2.0, 2.0 through 2.1.1, 2.2.1 through 2.4.0, and ...