Search for vulnerabilities
| Vulnerability ID | VCID-7bek-ysht-hugc |
| Aliases |
CVE-2023-45023
GHSA-93j4-v838-8767 |
| Summary | TYPO3 extension femanager Broken Access Control vulnerability femanager fails to check access permissions for the invitation component. Depending on the configuration of the plugin, a remote user can create frontend user accounts with access to configured frontend groups. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.01077 | https://api.first.org/data/v1/epss?cve=CVE-2023-45023 |
| epss | 0.01077 | https://api.first.org/data/v1/epss?cve=CVE-2023-45023 |
| epss | 0.01077 | https://api.first.org/data/v1/epss?cve=CVE-2023-45023 |
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-93j4-v838-8767 |
| generic_textual | MODERATE | https://github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2023-45023.yaml |
| generic_textual | MODERATE | https://github.com/in2code-de/femanager |
| generic_textual | MODERATE | https://github.com/in2code-de/femanager/commit/cc5f2893613a6b3fd2677c457574ab587a0862ca |
| generic_textual | MODERATE | https://github.com/in2code-de/femanager/releases/tag/7.2.2 |
| generic_textual | MODERATE | https://typo3.org/security/advisory/typo3-ext-sa-2023-008 |
| Percentile | 0.78295 |
| EPSS Score | 0.01077 |
| Published At | June 12, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-12T07:56:32.057167+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-93j4-v838-8767/GHSA-93j4-v838-8767.json | 38.6.0 |