CVE-2014-6292: TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users

May 13, 2022 (updated April 14, 2025)

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.

References

github.com/advisories/GHSA-377v-8637-6vq6
github.com/in2code-de/femanager
nvd.nist.gov/vuln/detail/CVE-2014-6292
typo3.org/security/advisory/typo3-ext-sa-2014-002

Code Behaviors & Features

Detect and mitigate CVE-2014-6292 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →