CVE-2024-55891

Name of the Vulnerable Software and Affected Versions TYPO3 versions prior to 13.4.3 ELTS

Description A problem has been discovered where the install tool password is logged as plaintext if the password hashing mechanism used for the password was incorrect. There are no known workarounds for this issue. Users are advised to update to a fixed version.

Recommendations Update to TYPO3 version 13.4.3 ELTS, which fixes the problem described. As a temporary workaround, consider restricting access to the install tool until the update is applied.