The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25025
Reference (s):
- https://typo3.org/security/advisory/typo3-ext-sa-2020-016
- https://typo3.org/help/security-advisories