CVE-2014-6288 – in2code/powermail

Package

Manager: composer
Name: in2code/powermail
Vulnerable Version: >=2.0.0 <2.0.11

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

EPSS: 0.00137 pctl0.34246

Details

TYPO3 powermail extension allows remote attackers to bypass CAPTCHA protection mechanism The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.

Metadata

Created: 2022-05-17T04:31:13Z
Modified: 2025-04-14T17:38:04Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2jq7-pgqq-gqqj/GHSA-2jq7-pgqq-gqqj.json
CWE IDs: ["CWE-287"]
Alternative ID: GHSA-2jq7-pgqq-gqqj
Finding: F039
Auto approve: 1