GMS-2022-8135: Duplicate of ./packagist/typo3/cms-core/CVE-2022-23502.yml
Problem
When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions.
Solution
Update to TYPO3 versions 10.4.33, 11.5.20, 12.1.1 that fix the problem described above.
References
References
Detect and mitigate GMS-2022-8135 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →