CVE-2010-3667
MEDIUM5.3EPSS 0.32%TYPO3 is vulnerable to Spam Abuse in the native form content element
Published: 4/21/2022Modified: 2/6/2024
Also known as:GHSA-48ww-8h7g-4hwq
Description
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. An attacker could abuse the form to send mails to arbitrary email addresses.
Affected packages (1)
- Packagist/typo3/cms-frontendfrom 0, < 4.1.14
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
References (9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-3667
- PATCHhttps://github.com/TYPO3-CMS/frontend
- WEBhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
- WEBhttps://github.com/TYPO3/typo3/commit/34da374183dd472fa7987ee25b47544a06bd2173
- WEBhttps://github.com/TYPO3/typo3/commit/5eb60976cea268b879e02811208e6a1777674cbb
- WEBhttps://github.com/TYPO3/typo3/commit/78dbe326df7ebc612f40882920a426c82b2ca9d3
- WEBhttps://github.com/TYPO3/typo3/commit/f82696c7d62842edb0bf79ef21a85d56735a1527
- WEBhttps://security-tracker.debian.org/tracker/CVE-2010-3667
- WEBhttps://typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse