CVE-2024-47047 | powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 createAction resource injection

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability has been found in powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 and classified as problematic. Affected by this vulnerability is the function createAction. The manipulation of the argument mail leads to improper control of resource identifiers.

This vulnerability is known as CVE-2024-47047. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47047 | powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 createAction resource injection

Post correlati

CVE-2024-4993 | SiAdmin 1.1 URL /show.php cross site scripting

CVE-2024-0800 | Arcserve Unified Data Protection up to 8.1/9.2 ImportNodeServlet unrestricted upload

CVE-2024-21667 | Pimcore Customer Data Framework prior 4.0.6 GDPR Extract access control

CVE-2024-8602 | Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows PDF DocumentBuilder xml external entity reference