VYPR
Critical severityNVD Advisory· Published Dec 14, 2022· Updated Apr 21, 2025

CVE-2022-47406

CVE-2022-47406

Description

An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
typo3/cmsPackagist
< 2.0.52.0.5
typo3/cmsPackagist
>= 3.0.0, < 3.0.33.0.3
derhansen/fe_change_pwdPackagist
>= 3.0.0, < 3.0.33.0.3
derhansen/fe_change_pwdPackagist
< 2.0.52.0.5

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.