Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS00OHd3LThoN2ctNGh3cc0-Xw
TYPO3 is vulnerable to Spam Abuse in the native form content element
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. An attacker could abuse the form to send mails to arbitrary email addresses.
Permalink: https://github.com/advisories/GHSA-48ww-8h7g-4hwqJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS00OHd3LThoN2ctNGh3cc0-Xw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 2 years ago
Updated: 3 months ago
CVSS Score: 5.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Identifiers: GHSA-48ww-8h7g-4hwq, CVE-2010-3667
References:
- https://nvd.nist.gov/vuln/detail/CVE-2010-3667
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
- https://security-tracker.debian.org/tracker/CVE-2010-3667
- https://typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse
- https://github.com/TYPO3/typo3/commit/34da374183dd472fa7987ee25b47544a06bd2173
- https://github.com/TYPO3/typo3/commit/5eb60976cea268b879e02811208e6a1777674cbb
- https://github.com/TYPO3/typo3/commit/78dbe326df7ebc612f40882920a426c82b2ca9d3
- https://github.com/TYPO3/typo3/commit/f82696c7d62842edb0bf79ef21a85d56735a1527
- https://github.com/advisories/GHSA-48ww-8h7g-4hwq
Blast Radius: 14.4
Affected Packages
packagist:typo3/cms-frontend
Dependent packages: 312Dependent repositories: 527
Downloads: 6,901,418 total
Affected Version Ranges: >= 4.4.0, < 4.4.1, >= 4.3.0, < 4.3.4, >= 4.2.0, < 4.2.13, < 4.1.14
Fixed in: 4.4.1, 4.3.4, 4.2.13, 4.1.14
All affected versions:
All unaffected versions: 8.7.7, 8.7.8, 8.7.9, 8.7.10, 8.7.11, 8.7.12, 8.7.13, 8.7.14, 8.7.15, 8.7.16, 8.7.17, 8.7.18, 8.7.19, 8.7.20, 8.7.21, 8.7.22, 8.7.23, 8.7.24, 8.7.25, 8.7.26, 8.7.27, 8.7.28, 8.7.29, 8.7.30, 8.7.31, 8.7.32, 9.0.0, 9.1.0, 9.2.0, 9.2.1, 9.3.0, 9.3.1, 9.3.2, 9.3.3, 9.4.0, 9.5.0, 9.5.1, 9.5.2, 9.5.3, 9.5.4, 9.5.5, 9.5.6, 9.5.7, 9.5.8, 9.5.9, 9.5.10, 9.5.11, 9.5.12, 9.5.13, 9.5.14, 9.5.15, 9.5.16, 9.5.17, 9.5.18, 9.5.19, 9.5.20, 9.5.21, 9.5.22, 9.5.23, 9.5.24, 9.5.25, 9.5.26, 9.5.27, 9.5.28, 9.5.29, 9.5.30, 9.5.31, 10.0.0, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.3.0, 10.4.0, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11, 10.4.12, 10.4.13, 10.4.14, 10.4.15, 10.4.16, 10.4.17, 10.4.18, 10.4.19, 10.4.20, 10.4.21, 10.4.22, 10.4.23, 10.4.24, 10.4.25, 10.4.26, 10.4.27, 10.4.28, 10.4.29, 10.4.30, 10.4.31, 10.4.32, 10.4.33, 10.4.34, 10.4.36, 10.4.37, 11.0.0, 11.1.0, 11.1.1, 11.2.0, 11.3.0, 11.3.1, 11.3.2, 11.3.3, 11.4.0, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.5.11, 11.5.12, 11.5.13, 11.5.14, 11.5.15, 11.5.16, 11.5.17, 11.5.18, 11.5.19, 11.5.20, 11.5.21, 11.5.22, 11.5.23, 11.5.24, 11.5.25, 11.5.26, 11.5.27, 11.5.28, 11.5.29, 11.5.30, 11.5.31, 11.5.32, 11.5.33, 11.5.34, 11.5.35, 11.5.36, 12.0.0, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.2.0, 12.3.0, 12.4.0, 12.4.1, 12.4.2, 12.4.3, 12.4.4, 12.4.5, 12.4.6, 12.4.7, 12.4.8, 12.4.9, 12.4.10, 12.4.11, 12.4.12, 12.4.13, 12.4.14, 13.0.0, 13.0.1, 13.1.0