Lucene search
TYPO3 AssociationTYPO3-EXT-SA-2020-017HistorySep 02, 2020 - 12:00 a.m.
Multiple vulnerabilities in extension "Event management and registration" (sf_event_mgt)
2020-09-0200:00:00
TYPO3 Association
typo3.org
13
0.001 Low
EPSS
Percentile
22.7%
A missing access check in the backend module allows an authenticated backend user to export participant data for events which the user does not have access to, resulting in Information Disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sf_event_mgt | le | 4.3.0 | |
| sf_event_mgt | ge | 5.0.0 | |
| sf_event_mgt | le | 5.1.0 |
Related
osv
osv
Information Disclosure in TYPO3 extension sf_event_mgt
2020-09-02 18:03:26
CVE-2020-25026
2020-09-02 17:15:12
prion
prion
Improper access control
2020-09-02 17:15:00
github
github
Information Disclosure in TYPO3 extension sf_event_mgt
2020-09-02 18:03:26
nvd
nvd
CVE-2020-25026
2020-09-02 17:15:12
cve
cve
CVE-2020-25026
2020-09-02 17:15:12
cvelist
cvelist
CVE-2020-25026
2020-09-02 16:17:34
veracode
veracode
Information Disclosure
2020-09-03 05:00:40