Description
The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0
Remediation
References
Related Vulnerabilities
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827)
WordPress Plugin ClickBank Affiliate Ads Multiple Vulnerabilities (1.7)
Serendipity Other Vulnerability (CVE-2005-1448)
WordPress Plugin Slimstat Analytics SQL Injection (4.9.3.2)
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.5.8)