Klaus-Günther Schmidt

#51922 of 53,633
4.3 Total CVSS
Vulnerabilities · 1
PT-2024-20759
4.3
2024-02-13
Typo3 · Typo3 · CVE-2024-25118
**Name of the Vulnerable Software and Affected Versions**

- TYPO3 versions prior to 8.7.57 ELTS
- TYPO3 versions prior to 9.5.46 ELTS
- TYPO3 versions prior to 10.4.43 ELTS
- TYPO3 versions prior to 11.5.35 LTS
- TYPO3 versions prior to 12.4.11 LTS
- TYPO3 versions prior to 13.0.1

**Description**

The issue concerns password hashes being reflected in the editing forms of the TYPO3 backend user interface, allowing attackers to crack the plaintext password using brute force techniques. Exploiting this issue requires a valid backend user account.

**Recommendations**

- Update to TYPO3 version 8.7.57 ELTS or later
- Update to TYPO3 version 9.5.46 ELTS or later
- Update to TYPO3 version 10.4.43 ELTS or later
- Update to TYPO3 version 11.5.35 LTS or later
- Update to TYPO3 version 12.4.11 LTS or later
- Update to TYPO3 version 13.0.1 or later