Typo3 · Typo3/Cms · CVE-2026-6553
**Name of the Vulnerable Software and Affected Versions**
TYPO3 CMS version 14.2.0
**Description**
Changing backend users passwords through the user settings module causes the cleartext password to be stored in the `uc` and `user settings` fields of the `be users` database table.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.