Medium severity5.3GHSA Advisory· Published May 21, 2025· Updated Apr 15, 2026
CVE-2025-48202
CVE-2025-48202
Description
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
in2code/femanagerPackagist | >= 8.0.0, < 8.2.2 | 8.2.2 |
in2code/femanagerPackagist | >= 7.0.0, < 7.4.2 | 7.4.2 |
in2code/femanagerPackagist | >= 6.0.0, < 6.4.1 | 6.4.1 |
in2code/femanagerPackagist | >= 5.5.0, < 5.5.5 | 5.5.5 |
Affected products
2- Range: >= 5.5.0, < 5.5.5
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-xxwr-wv9g-7jw3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-48202ghsaADVISORY
- github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2025-48202.yamlghsaWEB
- github.com/in2code-de/femanager/commit/54851f8f60254bd8060bdf7bc16d56f4de7bd828ghsaWEB
- typo3.org/security/advisory/typo3-ext-sa-2025-006nvdWEB
News mentions
0No linked articles in our index yet.