Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/in2code/femanager@5.5.2
purl pkg:composer/in2code/femanager@5.5.2
Next non-vulnerable version 6.4.2
Latest non-vulnerable version 8.3.1
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-3t7q-cyp5-mqb4
Aliases:
CVE-2023-25013
GHSA-mm8v-wmqx-8h2j
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to set the password of all frontend users.
5.5.3
Affected by 2 other vulnerabilities.
6.3.4
Affected by 2 other vulnerabilities.
7.1.0
Affected by 4 other vulnerabilities.
VCID-d91a-d2b5-cycq
Aliases:
CVE-2023-25014
GHSA-3p9x-xxx6-2w4p
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users.
5.5.3
Affected by 2 other vulnerabilities.
6.3.4
Affected by 2 other vulnerabilities.
7.1.0
Affected by 4 other vulnerabilities.
VCID-vpgv-cr97-kffs
Aliases:
CVE-2025-7900
GHSA-rc5f-3hfv-jxp2
The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0
6.4.2
Affected by 0 other vulnerabilities.
7.5.3
Affected by 0 other vulnerabilities.
8.3.1
Affected by 0 other vulnerabilities.
VCID-wumy-ggkp-cugg
Aliases:
CVE-2025-48202
GHSA-xxwr-wv9g-7jw3
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.
5.5.5
Affected by 1 other vulnerability.
6.4.1
Affected by 1 other vulnerability.
7.4.2
Affected by 1 other vulnerability.
8.2.2
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-3q4b-w6nb-kqbp TYPO3 Extension femanager vulnerable to Broken Access Control CVE-2022-44543
GHSA-59m9-p6cm-94q5
GMS-2022-6272

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-14T11:55:06.605928+00:00 GitLab Importer Fixing VCID-3q4b-w6nb-kqbp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/in2code/femanager/GMS-2022-6272.yml 38.6.0
2026-06-12T20:07:41.823437+00:00 GitLab Importer Affected by VCID-vpgv-cr97-kffs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/in2code/femanager/CVE-2025-7900.yml 38.6.0
2026-06-12T20:02:09.523841+00:00 GitLab Importer Affected by VCID-wumy-ggkp-cugg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/in2code/femanager/CVE-2025-48202.yml 38.6.0
2026-06-12T18:45:37.956056+00:00 GitLab Importer Affected by VCID-d91a-d2b5-cycq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/in2code/femanager/CVE-2023-25014.yml 38.6.0
2026-06-12T18:45:36.743525+00:00 GitLab Importer Affected by VCID-3t7q-cyp5-mqb4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/in2code/femanager/CVE-2023-25013.yml 38.6.0
2026-06-12T08:17:33.622599+00:00 GithubOSV Importer Fixing VCID-3q4b-w6nb-kqbp https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-59m9-p6cm-94q5/GHSA-59m9-p6cm-94q5.json 38.6.0
2026-06-11T20:33:08.122630+00:00 GHSA Importer Fixing VCID-3q4b-w6nb-kqbp https://github.com/advisories/GHSA-59m9-p6cm-94q5 38.6.0