GHSA-377v-8637-6vq6

Source

https://github.com/advisories/GHSA-377v-8637-6vq6

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-377v-8637-6vq6/GHSA-377v-8637-6vq6.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-377v-8637-6vq6

Aliases

CVE-2014-6292

Published

2022-05-13T01:04:01Z

Modified

2025-04-14T17:42:11.862949Z

Severity

6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U CVSS Calculator

Summary

TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users

Details

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.

Database specific

{
    "github_reviewed_at": "2025-04-14T17:03:08Z",
    "cwe_ids": [
        "CWE-862"
    ],
    "nvd_published_at": "2014-10-03T14:55:00Z",
    "severity": "MODERATE",
    "github_reviewed": true
}

References

Affected packages

Packagist / in2code/femanager

Package

Name: in2code/femanager
Purl: pkg:composer/in2code/femanager

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.9