TYPO3
cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*
- >= 9.0.0, <= 9.5.50
- >= 10.0.0, <= 10.4.49
- >= 11.0.0, <= 11.5.43
- >= 12.0.0, <= 12.4.30
- >= 13.0.0, <= 13.4.11
A security vulnerability exists in TYPO3 versions 9.0.0 prior to 9.5.51 ELTS, 10.0.0 prior to 10.4.50 ELTS, 11.0.0 prior to 11.5.44 ELTS, 12.0.0 prior to 12.4.31 LTS and 13.0.0 prior to 13.4.12 LTS. The backend user management interface lets an administrator set a new password for a backend user without first verifying the administrator's own current password. Because a valid admin session alone is sufficient, anyone who obtains such a session (for example through session hijacking or an unattended, logged-in workstation) can change backend user passwords without knowing any password.
Exploitation results in unauthorized password changes through the backend user management interface. An attacker holding a compromised or unattended admin session can set passwords of their choosing on backend accounts, including administrator accounts, and thereby gain unauthorized access to those accounts.
Users are advised to update TYPO3 to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS. In these versions, administrators must verify their identity through step-up authentication before a backend user's password can be changed, so possession of a session is no longer enough to reset passwords.
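The following is an added example, not TYPO3's own code: a minimal backend "change another user's password" handler in its vulnerable form (authorization only, no proof of identity) beside a hardened form that requires step-up authentication before the change is applied. The in-memory user store, the session model, the `REAUTH_WINDOW_SECONDS` value and the PBKDF2 parameters are all constructed for illustration; the hijacked-session scenario mirrors the one the advisory describes.

```python
"""Added example (not TYPO3 code): password change with and without step-up auth."""
import hashlib
import hmac
import os
import time
from dataclasses import dataclass
from typing import Dict, List, Optional

REAUTH_WINDOW_SECONDS = 300   # assumed value: how long a fresh re-authentication stays valid
PBKDF2_ITERATIONS = 100_000   # assumed value, chosen to keep the example fast


def hash_password(password: str, salt: Optional[bytes] = None) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; returns salt || digest."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt + digest


def verify_password(password: str, stored: bytes) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


@dataclass
class User:
    name: str
    password_hash: bytes
    is_admin: bool = False


@dataclass
class Session:
    """A backend session as a hijacker holds it: it identifies the admin,
    but carries no knowledge of the admin's password."""
    user: User
    reauthenticated_at: Optional[float] = None


class UserManager:
    def __init__(self, users: List[User]) -> None:
        self.users: Dict[str, User] = {u.name: u for u in users}

    # Vulnerable variant: checks only that the session belongs to an admin.
    def change_password_vulnerable(self, session: Session, target: str, new_pw: str) -> bool:
        if not session.user.is_admin:
            return False
        self.users[target].password_hash = hash_password(new_pw)
        return True

    # Step-up: the acting admin proves possession of their own current password.
    def step_up(self, session: Session, current_pw: str) -> bool:
        if not verify_password(current_pw, session.user.password_hash):
            return False
        session.reauthenticated_at = time.monotonic()
        return True

    # Hardened variant: refuses the change unless step-up happened recently.
    def change_password_hardened(self, session: Session, target: str, new_pw: str) -> bool:
        if not session.user.is_admin:
            return False
        fresh = (session.reauthenticated_at is not None
                 and time.monotonic() - session.reauthenticated_at < REAUTH_WINDOW_SECONDS)
        if not fresh:
            return False
        self.users[target].password_hash = hash_password(new_pw)
        return True


def demo() -> Dict[str, bool]:
    """Hijacked admin session against both variants; constructed scenario."""
    admin = User("admin", hash_password("correct horse battery"), is_admin=True)
    editor = User("editor", hash_password("editor-secret"))
    mgr = UserManager([admin, editor])
    hijacked = Session(admin)  # attacker has the cookie, not the password
    r: Dict[str, bool] = {}
    r["vulnerable_takeover"] = mgr.change_password_vulnerable(hijacked, "editor", "pwned")
    r["vulnerable_login_works"] = verify_password("pwned", mgr.users["editor"].password_hash)
    r["hardened_without_stepup"] = mgr.change_password_hardened(hijacked, "editor", "pwned2")
    r["stepup_wrong_password"] = mgr.step_up(hijacked, "guess")
    r["hardened_after_bad_stepup"] = mgr.change_password_hardened(hijacked, "editor", "pwned2")
    r["stepup_right_password"] = mgr.step_up(hijacked, "correct horse battery")
    r["hardened_after_good_stepup"] = mgr.change_password_hardened(hijacked, "editor", "pwned2")
    return r


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point of the hardened variant is that the re-authentication is bound to the session and expires; a stolen cookie grants the attacker whatever the session already had, but not the admin's password, so the step-up check fails until the legitimate user types it in again. Keep the window short and clear the `reauthenticated_at` stamp on logout.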