Vulnerabilities > In2Code > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-29 | CVE-2024-45232 | Authorization Bypass Through User-Controlled Key vulnerability in In2Code Powermail An issue was discovered in powermail extension through 12.3.5 for TYPO3. | 5.3 |
| 2023-12-12 | CVE-2022-44543 | Unspecified vulnerability in In2Code Femanager The femanager extension before 5.5.2, 6.x before 6.3.3, and 7.x before 7.0.1 for TYPO3 allows creation of frontend users in restricted groups (if there is a usergroup field on the registration form). | 5.3 |
| 2021-08-13 | CVE-2021-36787 | Cross-site Scripting vulnerability in In2Code Femanager The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document. | 5.4 |