Search for packages
| purl | pkg:composer/in2code/femanager@6.3.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3q4b-w6nb-kqbp
Aliases: CVE-2022-44543 GHSA-59m9-p6cm-94q5 GMS-2022-6272 |
TYPO3 Extension femanager vulnerable to Broken Access Control |
Affected by 4 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-3t7q-cyp5-mqb4
Aliases: CVE-2023-25013 GHSA-mm8v-wmqx-8h2j |
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to set the password of all frontend users. |
Affected by 2 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-d91a-d2b5-cycq
Aliases: CVE-2023-25014 GHSA-3p9x-xxx6-2w4p |
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users. |
Affected by 2 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-vpgv-cr97-kffs
Aliases: CVE-2025-7900 GHSA-rc5f-3hfv-jxp2 |
The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-wumy-ggkp-cugg
Aliases: CVE-2025-48202 GHSA-xxwr-wv9g-7jw3 |
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||