CVE-2020-25026

CVE-2020-25026

The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control.

Source: CVE-2020-25026