The Front End User Registration extension for TYPO3 (sr_feuser_register) Remote Code Execution
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Remote Code Execution via unsafe deserialization.
Advisories for Composer/Sjbr/Sr-Feuser-Register package
2025
The Front End User Registration extension for TYPO3 (sr_feuser_register) allows Insecure Direct Object Reference
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference. This allows attackers to read arbitrary files.
2022
Front End User Registration (sr_feuser_register) extension for TYPO3 allows remote attackers to obtain user names, passwords
The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.
Frontend User Registration extension for TYPO3 does not properly verify access rights
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.