CVE-2010-3667
MEDIUM5.3EPSS 0.32%TYPO3 is vulnerable to Spam Abuse in the native form content element
發布日:2022/4/21修改日:2024/2/6
描述
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. An attacker could abuse the form to send mails to arbitrary email addresses.
受影響套件(1)
- Packagist/typo3/cms-frontendfrom 0, < 4.1.14
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
參考連結(9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-3667
- PATCHhttps://github.com/TYPO3-CMS/frontend
- WEBhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
- WEBhttps://github.com/TYPO3/typo3/commit/34da374183dd472fa7987ee25b47544a06bd2173
- WEBhttps://github.com/TYPO3/typo3/commit/5eb60976cea268b879e02811208e6a1777674cbb
- WEBhttps://github.com/TYPO3/typo3/commit/78dbe326df7ebc612f40882920a426c82b2ca9d3
- WEBhttps://github.com/TYPO3/typo3/commit/f82696c7d62842edb0bf79ef21a85d56735a1527
- WEBhttps://security-tracker.debian.org/tracker/CVE-2010-3667
- WEBhttps://typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse