ГлавнаяУязвимости → CVE-2026-6553
7.5высокая

CVE-2026-6553

Описание

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and user_settings fields of the be_users database table. This issue affects TYPO3 CMS version 14.2.0.

Затрагиваемое ПО
Typo3 Typo3
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/TYPO3/typo3/commit/9a6e913f70767f63b322ae3e2d2f4e302624c291https://typo3.org/security/advisory/typo3-core-sa-2026-005