CSRF in extension "Change password for frontend users" (fe_change_pwd)

Tue. 17th December, 2019

It has been discovered that the extension "Change password for frontend users" (fe_change_pwd) is susceptible to Cross-Site-Request-Forgery (CSRF).


This is a companion discussion topic for the original entry at https://typo3.org/article/typo3-ext-sa-2019-020