CVE-2019-16698
The CVE-2019-16698 issue affects the TYPO3 Direct Mail extension (direct_mail) up to version 5.2.2. A missing access check in the backend module allows a user with restricted permissions (to fe_users) to view and export data of frontend newsletter subscribers. The condition is an information-disc...