Low severity3.1NVD Advisory· Published Jan 14, 2025· Updated Jun 17, 2026
CVE-2024-55891
CVE-2024-55891
Description
TYPO3 is a free and open source Content Management Framework. It has been discovered that the install tool password has been logged as plaintext in case the password hashing mechanism used for the password was incorrect. Users are advised to update to TYPO3 versions 13.4.3 ELTS which fixes the problem described. There are no known workarounds for this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
typo3/cms-installPackagist | >= 13.4.2, < 13.4.3 | 13.4.3 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/TYPO3/typo3/security/advisories/GHSA-38x7-cc6w-j27qnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-38x7-cc6w-j27qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-55891ghsaADVISORY
- typo3.org/security/advisory/typo3-core-sa-2025-001nvdVendor AdvisoryWEB
- github.com/TYPO3-CMS/install/commit/baa8089b1baf5552fab213a5761081608b0afc51ghsaWEB
News mentions
0No linked articles in our index yet.