PT-2017-5749 · Typo3 · Typo3 Direct Mail Extension

Bernhard Kraft

·

Published

2017-12-29

·

Updated

2022-05-13

·

CVE-2013-7400

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: TYPO3 Direct Mail extension versions prior to 3.1.2
Description: The issue allows remote attackers to obtain sensitive information due to improper checking of authentication codes.
Recommendations: For versions prior to 3.1.2, update to version 3.1.2 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2013-7400
GHSA-4MH5-JJ5W-3F9Q

Affected Products

Typo3 Direct Mail Extension