Lucene search
K
Fp Newsletter ProjectFp Newsletter

4 matches found

CVE
CVE
added 2022/12/14 12:0 a.m.69 views

CVE-2022-47408

CVE-2022-47408 – TYPO3 fp_newsletter CAPTCHA bypass is documented across multiple sources. The vulnerability affects the fp_newsletter (Newsletter subscriber management) extension for TYPO3, with affected versions ranging from 1.0 through 1.1.0, 1.2.0, 2.0 through 2.1.1, 2.2.1 through 2.4.0, and ...

9.1CVSS9.1AI score0.00651EPSS
CVE
CVE
added 2022/12/14 12:0 a.m.58 views

CVE-2022-47410

The CVE-2022-47410 entry affects the TYPO3 fp_newsletter (Newsletter subscriber management) extension. The reported issue is that data about subscribers may be obtained via createAction operations, with vulnerable versions including before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1–2.4.0, and 3.x befo...

9.1CVSS7.5AI score0.00674EPSS
CVE
CVE
added 2022/12/14 12:0 a.m.53 views

CVE-2022-47411

The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...

9.1CVSS7.5AI score0.00674EPSS
CVE
CVE
added 2022/12/14 12:0 a.m.46 views

CVE-2022-47409

CVE-2022-47409 affects the TYPO3 fp_newsletter extension. The issue arises in the deleteAction, where attackers can unsubscribe everyone by manipulating series of subscription UIDs. Affected versions include: pre-1.1.1; 1.2.0; 2.x before 2.1.2; 2.2.1 through 2.4.0; and 3.x before 3.2.6. Impact is...

9.1CVSS7.5AI score0.006EPSS