CVE-2025-7900
EPSS 0.20%Femanager extension for TYPO3 allows Insecure Direct Object Reference
發布日:2025/7/22修改日:2025/7/22
描述
The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0.
受影響套件(1)
- Packagist/in2code/femanagerfrom 0, < 6.4.2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |