An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://typo3.org/security/advisory/typo3-ext-sa-2022-016 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-14T00:00:00
Updated: 2024-08-03T14:55:07.663Z
Reserved: 2022-12-14T00:00:00
Link: CVE-2022-47406
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-14T21:15:13.710
Modified: 2022-12-19T15:35:15.687
Link: CVE-2022-47406
Redhat
No data.