Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fp Newsletter Project Subscribe
Filtered by product Fp Newsletter
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47408 1 Fp Newsletter Project 1 Fp Newsletter 2022-12-16 N/A 9.1 CRITICAL
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.
CVE-2022-47411 1 Fp Newsletter Project 1 Fp Newsletter 2022-12-16 N/A 7.5 HIGH
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.
CVE-2022-47410 1 Fp Newsletter Project 1 Fp Newsletter 2022-12-16 N/A 7.5 HIGH
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.
CVE-2022-47409 1 Fp Newsletter Project 1 Fp Newsletter 2022-12-16 N/A 7.5 HIGH
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations.