CNNVD-202507-2870 Information

CNNVD ID

CNNVD-202507-2870

Related CVE

CVE-2025-7900

• CNNVD Published: 2025-07-22

Description (Chinese)

TYPO3 femanager是TYPO3开源的一个TYPO3扩展。 TYPO3 femanager 6.4.1及之前版本、7.0.0至7.5.2版本和8.0.0至8.3.0版本存在安全漏洞，该漏洞源于不安全的直接对象引用，可能导致未经授权修改用户数据。

Description (English)

TYPO3 femanager is a TYPO3 extension of TYPO3 open source. TYPO3 femanager 6.4.1 and earlier versions, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0 have security loopholes, which are the result of unsafe direct reference and may lead to unauthorized changes in user data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TYPO3

Published

2025-07-22

Last Modified

2026-02-24

References

https://typo3.org/security/advisory/typo3-ext-sa-2025-010 https://nvd.nist.gov/vuln/detail/CVE-2025-7900 https://vigilance.fr/vulnerability/TYPO3-femanager-user-access-via-identity-47778

Patch

https://extensions.typo3.org/extension/femanager