CVE-2010-3673 — Sensitive Information Exposure in Typo3

Severity

5.3MEDIUMNVD

EPSS

0.5%

top 36.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 5

Latest updateApr 21

Description

TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

▶NVDtypo3/typo34.2.0 — 4.2.13+2

▶Packagisttypo3/cms-core4.3 — 4.3.4+2

GHSA

TYPO3 is vulnerable to Information Disclosure in the HTML mailing API↗2022-04-21

▶

OSV

TYPO3 is vulnerable to Information Disclosure in the HTML mailing API↗2022-04-21

▶

CVEList

CVE-2010-3673: TYPO3 before 4↗2019-11-05

▶