Derhansen

derhansen

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Event Management And Registration

event_management_and_registration

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-24751 1Derhansen 1Event Management And Registration Nov 21, 2024 Feb 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the u...Show more sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the update of the extension to TYPO3 12.4, because the `RedirectResponse` from the `$this->redirect()` function was never handled. This issue has been addressed in version 7.4.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.Show less
CVE-2020-25026 1Derhansen 1Event Management And Registration Nov 21, 2024 Sep 2, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-24751

1Derhansen

1Event Management And Registration

Nov 21, 2024

Feb 13, 2024

N/A· v4

8.8 HIGH· v3

N/A· v2

sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the update of the extension to TYPO3 12.4, because the `RedirectResponse` from the `$this->redirect()` function was never handled. This issue has been addressed in version 7.4.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.Show less

CVE-2020-25026

1Derhansen

1Event Management And Registration

Nov 21, 2024

Sep 2, 2020

N/A· v4

4.3 MEDIUM· v3

4.0 MEDIUM· v2

The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control.