Vulnerability Database

300,926

Total vulnerabilities in the database

CVE-2025-7900

The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0

Published: Jul 22, 2025
Updated: Aug 11, 2025
CVE: CVE-2025-7900
GHSA: GHSA-rc5f-3hfv-jxp2
Severity: Medium
Exploit:

No technical information available.

CWEs:

CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
in2code / femanager	-	6.4.2
in2code / femanager	7.0.0	7.5.3
in2code / femanager	8.0.0	8.3.1

https://github.com/in2code-de/femanager/commit/9bd9fbded4cf31f69bfe03c55d406e79050f8069
https://typo3.org/security/advisory/typo3-ext-sa-2025-010

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo