CVE-2025-7899 Information

Jul 23, 2025 cve

Description

The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0

Reference

https://typo3.org/security/advisory/typo3-ext-sa-2025-009

CNNVD-202507-2869 (Published: 2025-07-22)

Share on:

CVE-2025-7899 Information

Description

Reference

Related CNNVD