GHSA-r44w-pfx8-28jv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-r44w-pfx8-28jv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/12/GHSA-r44w-pfx8-28jv/GHSA-r44w-pfx8-28jv.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-r44w-pfx8-28jv
- Aliases
- Published
- 2022-12-14T21:30:16Z
- Modified
- 2025-04-21T23:27:41.448269Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- "Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data
- Details
-
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.
- Database specific
{ "nvd_published_at": "2022-12-14T21:15:00Z", "cwe_ids": [ "CWE-200", "CWE-668" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-04-21T22:51:45Z" }- References
Affected packages
Packagist / fixpunkt/fp-newsletter
Package
- Name
- fixpunkt/fp-newsletter
- Purl
- pkg:composer/fixpunkt/fp-newsletter
Packagist / fixpunkt/fp-newsletter
Package
- Name
- fixpunkt/fp-newsletter
- Purl
- pkg:composer/fixpunkt/fp-newsletter
Packagist / fixpunkt/fp-newsletter
Package
- Name
- fixpunkt/fp-newsletter
- Purl
- pkg:composer/fixpunkt/fp-newsletter