diff --git a/CHANGELOG.md b/CHANGELOG.md
index 948d2cfe1..42454f579 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,13 @@
+# Changelog
+
+## [v1.29.2](https://github.com/symfony/maker-bundle/releases/tag/v1.29.2)
+
+*May 18th, 2021*
+
+### Security
+
+- [#882](https://github.com/symfony/maker-bundle/pull/882) - [security] fix cve-2021-21424 legacy Symfony 3.x + MakerBundle- *@jrushlow*
+
 1.29
 ====
 
diff --git a/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php b/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
index ba578bd0f..16e06e214 100644
--- a/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
+++ b/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
@@ -9,8 +9,8 @@
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 <?= $user_needs_encoder ? "use Symfony\\Component\\Security\\Core\\Encoder\\UserPasswordEncoderInterface;\n" : null ?>
-use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
 use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
@@ -74,7 +74,7 @@ public function getUser($credentials, UserProviderInterface $userProvider)
 
         if (!$user) {
             // fail authentication with a custom error
-            throw new CustomUserMessageAuthenticationException('<?= ucfirst($username_field_label) ?> could not be found.');
+            throw new UsernameNotFoundException('<?= ucfirst($username_field_label) ?> could not be found.');
         }
 
         return $user;
diff --git a/tests/fixtures/MakeRegistrationFormVerifyEmailFunctionalTest/src/Security/LoginFormAuthenticator.php b/tests/fixtures/MakeRegistrationFormVerifyEmailFunctionalTest/src/Security/LoginFormAuthenticator.php
index 30f5d2786..b1bc8c6d4 100644
--- a/tests/fixtures/MakeRegistrationFormVerifyEmailFunctionalTest/src/Security/LoginFormAuthenticator.php
+++ b/tests/fixtures/MakeRegistrationFormVerifyEmailFunctionalTest/src/Security/LoginFormAuthenticator.php
@@ -9,8 +9,8 @@
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
-use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
 use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
@@ -70,7 +70,7 @@ public function getUser($credentials, UserProviderInterface $userProvider)
         $user = $this->entityManager->getRepository(User::class)->findOneBy(['email' => $credentials['email']]);
 
         if (!$user) {
-            throw new CustomUserMessageAuthenticationException('Email could not be found.');
+            throw new UsernameNotFoundException('Email could not be found.');
         }
 
         return $user;