Direct Mail Security Vulnerabilities and Issues — Direct Mail CVE List

Lucene search

DkdDirect Mail

3 matches found

CVE•added 2020/05/13 1:15 p.m.•58 views

CVE-2020-12698

The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.

4.3CVSS4.9AI score0.00129EPSS

CVE•added 2020/05/13 1:15 p.m.•51 views

CVE-2020-12700

The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.

4.3CVSS4.6AI score0.00129EPSS

CVE•added 2019/10/16 7:15 p.m.•47 views

CVE-2019-16698

The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user (with restricted permissions to the fe_users table) to view and export data of frontend users who are subscribed to a newsletter.

4.3CVSS4.5AI score0.00114EPSS