CVE-2024-45232 | Powermail EExtension up to 12.3.5 on TYPO3 confirmationAction resource injection

Posted by Angelo Barbosa | Aug 29, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Powermail EExtension up to 12.3.5 on TYPO3. This affects the function confirmationAction. The manipulation of the argument mail leads to improper control of resource identifiers.

This vulnerability is uniquely identified as CVE-2024-45232. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45232 | Powermail EExtension up to 12.3.5 on TYPO3 confirmationAction resource injection

Related Posts

CVE-2024-2468 | EmbedPress Plugin up to 3.9.12 on WordPress Widget Attribute cross site scripting

CVE-2024-22239 | VMware Aria Operations for Networks prior 6.12 Console Local Privilege Escalation (VMSA-2024-0002)

CVE-2024-32315 | Tenda FH1202 1.2.0.14(408) formWanParameterSetting adslPwd stack-based overflow

CVE-2024-10181 | Newsletters Plugin up to 4.9.9.4 on WordPress Shortcode newsletters_video cross site scripting