directmailteam/direct-mail Security Advisories for v5.1.1 (6)
-
[HIGH] TYPO3-EXT-SA-2023-011: Configuration Injection in extension "Direct Mail" (direct_mail)
PKSA-y4kn-yny7-k5mq CVE-2023-50461 GHSA-p6xx-fhfw-7mj7
Affected version: >=8.0.0,<9.5.2|>=7.0.0,<7.0.3|<6.0.3
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[MEDIUM] direct_mail for Typo3 sensitive data exposure
PKSA-m5xq-8hx5-n4v7 CVE-2019-16698 GHSA-j2w4-45qm-r674
Affected version: <=5.2.2
Reported by:
GitHub -
[MEDIUM] Missing Authorization in TYPO3 extension
PKSA-2z53-631w-1x28 CVE-2020-12700 GHSA-qwmj-72mp-q3m2
Affected version: <5.2.4
Reported by:
GitHub -
[MEDIUM] Missing Authorization in TYPO3 extension
PKSA-4bfx-z63h-knd6 CVE-2020-12698 GHSA-9pm8-xcj6-2m33
Affected version: <5.2.4
Reported by:
GitHub -
[MEDIUM] Open redirect in direct_mail
PKSA-th9y-wj1w-rckh CVE-2020-12699 GHSA-952m-m83c-3xm6
Affected version: <5.2.4
Reported by:
GitHub -
[MEDIUM] Denial of service in direct_mail
PKSA-76rk-w4gm-ynxc CVE-2020-12697 GHSA-5gm6-r79q-hfgw
Affected version: <5.2.4
Reported by:
GitHub