CVE-2024-45232 | Powermail EExtension up to 12.3.5 on TYPO3 confirmationAction resource injection

Posted by Angelo Barbosa | Aug 29, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Powermail EExtension up to 12.3.5 on TYPO3. This affects the function confirmationAction. The manipulation of the argument mail leads to improper control of resource identifiers.

This vulnerability is uniquely identified as CVE-2024-45232. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45232 | Powermail EExtension up to 12.3.5 on TYPO3 confirmationAction resource injection

Related Posts

CVE-2024-8961 | wpdevteam Essential Addons for Elementor Plugin up to 6.0.7 on WordPress nomore_items_text cross site scripting

CVE-2024-31286 | J.N. Breetvelt WP Photo Album Plus Plugin prior 8.6.03.005 on WordPress unrestricted upload

CVE-2024-2868 | devitemsllc ShopLentor Plugin up to 2.8.3 on WordPress slitems cross site scripting

CVE-2024-25617 | Squid Web Proxy up to 6.4 HTTP Header Parser resource consumption (GHSA-h5x6-w8mv-xfpr)