In2code/femanager
This hub aggregates every CVE we track for In2code/femanager, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM5HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting In2code/femanager.
- CVE-2025-7900Insecure Direct Object Reference in extension "femanager" (femanager)6.5
- CVE-2025-48202The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.5.3
- CVE-2022-44543The femanager extension before 5.5.2, 6.x before 6.3.3, and 7.x before 7.0.1 for TYPO3 allows creation of frontend users in restricted groups (if there is a usergroup field on the registration form...5.3
- CVE-2023-25013An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to...8.6
- CVE-2023-25014An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to...8.6
- CVE-2021-36787The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document.5.4
- CVE-2014-6292The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.6.4
Product normalization is registry-driven with AI assist and human review. How it works