GHSA-C5MJ-39CF-3PP5 TYPO3 Security Misconfiguration for Backend User Accounts

When using the TYPO3 backend in order to create new backend user accounts, database records containing insecure or empty credentials might be persisted. When the type of user account is changed - which might be entity type or the admin flag for backend users - the backend form is reloaded in orde...

PT-2024-40463 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue arises when creating new backend user accounts in the TYPO3 backend, potentially leading to database records with insecure or empty credentials being persisted. This occurs when the...