Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
typo3TYPO3 AssociationTYPO3-EXT-SA-2019-016
HistoryOct 15, 2019 - 12:00 a.m.

Information Disclosure in extension "Direct Mail" (direct_mail)

2019-10-1500:00:00
TYPO3 Association
typo3.org
3

0.001 Low

EPSS

Percentile

19.4%

JSON

A missing access check in the backend module of the extension allows a backend user without access to configured tables (e.g. fe_users, tt_address) to view and export data of users subscribed to a newsletter.

CPENameOperatorVersion
direct_maille5.2.2

Related

cve 1
prion 1
osv 1
symantec 1
cvelist 1
nvd 1
github 1
cve
cve
CVE-2019-16698
2019-10-16 19:15:15
prion
prion
Design/Logic Flaw
2019-10-16 19:15:00
osv
osv
direct_mail for Typo3 sensitive data exposure
2022-05-24 16:58:55
symantec
symantec
TYPO3 Direct Mail Extension CVE-2019-16698 Information Disclosure Vulnerability
2019-10-15 00:00:00
cvelist
cvelist
CVE-2019-16698
2019-10-16 18:45:44
nvd
nvd
CVE-2019-16698
2019-10-16 19:15:15
github
github
direct_mail for Typo3 sensitive data exposure
2022-05-24 16:58:55

0.001 Low

EPSS

Percentile

19.4%

JSON
Related for TYPO3-EXT-SA-2019-016
cve1prion1osv1symantec1cvelist1nvd1github1