4 matches found
CVE-2022-47408
CVE-2022-47408 – TYPO3 fp_newsletter CAPTCHA bypass is documented across multiple sources. The vulnerability affects the fp_newsletter (Newsletter subscriber management) extension for TYPO3, with affected versions ranging from 1.0 through 1.1.0, 1.2.0, 2.0 through 2.1.1, 2.2.1 through 2.4.0, and ...
CVE-2022-47410
The CVE-2022-47410 entry affects the TYPO3 fp_newsletter (Newsletter subscriber management) extension. The reported issue is that data about subscribers may be obtained via createAction operations, with vulnerable versions including before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1–2.4.0, and 3.x befo...
CVE-2022-47411
The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...
CVE-2022-47409
CVE-2022-47409 affects the TYPO3 fp_newsletter extension. The issue arises in the deleteAction, where attackers can unsubscribe everyone by manipulating series of subscription UIDs. Affected versions include: pre-1.1.1; 1.2.0; 2.x before 2.1.2; 2.2.1 through 2.4.0; and 3.x before 3.2.6. Impact is...