GHSA-2jq7-pgqq-gqqj

Source

https://github.com/advisories/GHSA-2jq7-pgqq-gqqj

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2jq7-pgqq-gqqj/GHSA-2jq7-pgqq-gqqj.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-2jq7-pgqq-gqqj

Aliases

CVE-2014-6288

Published

2022-05-17T04:31:13Z

Modified

2025-04-14T18:42:09.334887Z

Severity

6.6 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U CVSS Calculator

Summary

TYPO3 powermail extension allows remote attackers to bypass CAPTCHA protection mechanism

Details

The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.

Database specific

{
    "github_reviewed": true,
    "nvd_published_at": "2014-10-03T14:55:00Z",
    "severity": "MODERATE",
    "cwe_ids": [
        "CWE-287"
    ],
    "github_reviewed_at": "2025-04-14T17:38:04Z"
}

References

Affected packages

Packagist / in2code/powermail

Package

Name: in2code/powermail
Purl: pkg:composer/in2code/powermail

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.0.0

Fixed

2.0.11