CVE-2024-47047 | powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 createAction resource injection

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability has been found in powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 and classified as problematic. Affected by this vulnerability is the function createAction. The manipulation of the argument mail leads to improper control of resource identifiers.

This vulnerability is known as CVE-2024-47047. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47047 | powermail Extension up to 7.5.0/8.5.0/10.9.0/12.4.0 on TYPO3 createAction resource injection

Post correlati

CVE-2023-52099 | Huawei HarmonyOS/EMUI NMS Module access control

CVE-2024-22100 | MicroDicom DICOM Viewer up to 2023.3 heap-based overflow (icsma-24-060-01)

CVE-2023-51405 | BookingPress Plugin up to 1.0.74 on WordPress Price bookingpress_confirm_booking access control

CVE-2024-31279 | Catch Plugins Generate Child Theme up to 2.0 on WordPress cross-site request forgery