in2code/powermail Security Advisories (6)
-
[MEDIUM] TYPO3-EXT-SA-2024-007: Insecure Direct Object Reference in extension "powermail" (powermail)
PKSA-smk7-6q9f-1yz5 CVE-2024-47047 GHSA-q25c-r482-77p9
Affected version: >=12.0.0,<12.4.1|>=9.0.0,<10.9.1|>=8.0.0,<8.5.1|<7.5.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Powermail TYPO3 extension Broken Access Control in the OutputController
PKSA-skk3-z6j6-54hc CVE-2024-45233 GHSA-9jqr-5x45-pgw8
Affected version: >=11.0.0,<12.4.0|>=9.0.0,<10.9.0|>=8.0.0,<8.5.0|<7.5.0
Reported by:
GitHub -
[MEDIUM] TYPO3-EXT-SA-2024-006: Multiple vulnerabilities in "powermail" (powermail)
PKSA-x55d-gf1k-6pmy CVE-2024-45232 GHSA-p652-xcgx-f85m
Affected version: >=12.0.0,<12.4.0|>=9.0.0,<10.9.0|>=8.0.0,<8.5.0|<7.5.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] powermail extension for TYPO3 vulnerable to SQL Injection
PKSA-d48r-jmr8-r3cv CVE-2010-3604 GHSA-rp53-fw29-rxg3
Affected version: <1.5.4
Reported by:
GitHub -
[LOW] powermail extension for TYPO3 has Cross-site Scripting vulnerability
PKSA-qnb2-ks9m-9qjd CVE-2012-5889 GHSA-8cg3-jfjx-3pp2
Affected version: <1.6.5
Reported by:
GitHub -
[HIGH] TYPO3 powermail Extension Vulnerable to SQL Injection via Unspecified Vectors
PKSA-98jj-k7mp-3wm2 CVE-2010-0329 GHSA-mgw4-gv3f-g57j
Affected version: <1.5.2
Reported by:
GitHub