It has been discovered that the extension "Direct Mail" (direct mail) is susceptible to Information Disclosure

More... (http://typo3.org/news/article/security-bypass-vulnerability-in-extension-powermail-powermail-copy-1/)