diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/PasswordChangeController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/PasswordChangeController.php
index 41103001a3..53e2bd1b2b 100644
--- a/phpmyfaq/src/phpMyFAQ/Controller/Administration/PasswordChangeController.php
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Administration/PasswordChangeController.php
@@ -58,7 +58,7 @@ public function update(Request $request): Response
     {
         $this->userHasPermission(PermissionType::PASSWORD_CHANGE);
 
-        $csrfToken = Filter::filterVar($request->attributes->get('pmf-csrf-token'), FILTER_SANITIZE_SPECIAL_CHARS);
+        $csrfToken = Filter::filterVar($request->request->get('pmf-csrf-token'), FILTER_SANITIZE_SPECIAL_CHARS);
 
         if (!Token::getInstance($this->container->get(id: 'session'))->verifyToken('password', $csrfToken)) {
             throw new Exception('Invalid CSRF token');
@@ -73,10 +73,10 @@ public function update(Request $request): Response
             $authSource->enableReadOnly();
         }
 
-        $oldPassword = Filter::filterVar($request->attributes->get('faqpassword_old'), FILTER_SANITIZE_SPECIAL_CHARS);
-        $newPassword = Filter::filterVar($request->attributes->get('faqpassword'), FILTER_SANITIZE_SPECIAL_CHARS);
+        $oldPassword = Filter::filterVar($request->request->get('faqpassword_old'), FILTER_SANITIZE_SPECIAL_CHARS);
+        $newPassword = Filter::filterVar($request->request->get('faqpassword'), FILTER_SANITIZE_SPECIAL_CHARS);
         $retypedPassword = Filter::filterVar(
-            $request->attributes->get('faqpassword_confirm'),
+            $request->request->get('faqpassword_confirm'),
             FILTER_SANITIZE_SPECIAL_CHARS,
         );