Skip to content

Commit

Permalink
Added the latest TYPO3 extension security announcements
Browse files Browse the repository at this point in the history
* CVE-2023-50459 - `in2code/femanager`
* CVE-2023-50461 - `directmailteam/direct-mail`
* CVE-2023-50462 - `t3s/content-consent`
  • Loading branch information
derhansen committed Dec 13, 2023
1 parent 9432d63 commit e62f593
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 0 deletions.
14 changes: 14 additions & 0 deletions directmailteam/direct-mail/CVE-2023-50461.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
title: 'TYPO3-EXT-SA-2023-011: Configuration Injection in extension "Direct Mail" (direct_mail)'
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2023-011'
cve: CVE-2023-50461
branches:
main:
time: '2023-12-12 20:59:00'
versions: ['>=8.0.0', '<9.5.2']
7.x:
time: '2023-12-12 20:52:00'
versions: ['>=7.0.0', '<7.0.3']
1.x:
time: '2023-12-12 20:52:00'
versions: ['<6.0.3']
reference: 'composer://directmailteam/direct-mail'
8 changes: 8 additions & 0 deletions in2code/femanager/CVE-2023-50459.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
title: 'TYPO3-EXT-SA-2023-010: Broken Access Control in extension "femanager" (femanager)'
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2023-010'
cve: CVE-2023-50459
branches:
main:
time: '2023-12-13 11:55:00'
versions: ['>=7.0.0', '<7.2.3']
reference: 'composer://in2code/femanager'
11 changes: 11 additions & 0 deletions t3s/content-consent/CVE-2023-50462.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
title: 'TYPO3-EXT-SA-2023-009: Insecure Direct Object Reference in extension "Content Consent" (content_consent)'
link: 'https://typo3.org/security/advisory/typo3-ext-sa-2023-009'
cve: CVE-2023-50462
branches:
main:
time: '2023-11-20 14:58:00'
versions: ['>=2.0.0', '<2.0.2']
1.x:
time: '2023-11-26 07:03:00'
versions: ['<1.0.3']
reference: 'composer://t3s/content-consent'

0 comments on commit e62f593

Please sign in to comment.