Vulnerability Database
296,278
Total vulnerabilities in the database
CVE-2025-7899
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0
| Software | From | Fixed in |
|---|---|---|
in2code / powermail
|
12.0.0 | 12.5.3 |
|
in2code / powermail
|
13.0.0 | 13.0.0.x |
|
in2code / powermail
|
13.0.0 | 13.0.1 |