Internal users new and existing are unable to reset or set their password via email notification

Issue Summary

After upgrading to the latest fixed release internal directory users are unable to reset their forgotten passwords or any accounts created with the password box checked so users receive an email to set their password does not work.

This is reproducible on Data Center: (yes)

Steps to Reproduce

1. Upgrade/install to the latest fixed version of Confluence. (Multiple affected currently, might be all latest.)
2. Get a user to click the forgotten password link
3. Try resetting that password via the email
4. You receive a system error

1. Upgrade to the latest fixed version of Confluence. (Multiple affected currently, might be all latest.)
2. As admin create a new user and select the option to send an email to the user to set their own password
3. You receive the same system error when trying to save the new password

It's been reported Confluence connected to Crowd with only local Crowd user directories is also affected.

Expected Results

The password is changed as expected.

Actual Results

Any password reset/set from email apart from an invitation sign up link results in the same error.

http://localhost:27137/c7137/resetuserpassword.action?username=<USERNAME>&token=<TOKEN>

/c7137/doresetuserpassword.action

Logs

atl_token : d6de26b226a4604abba1e1c16c0c492f9f8e260d│token : 81ed7c5defa1c711266f1c3f19ae452d34155d4│username : test5│confirm : Reset│caused by: com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.│at com.atlassian.confluence.user.DefaultUserAccessor.alterPassword(DefaultUserAccessor.java:1071) 

2022-06-08 15:39:43,643 ERROR [http-nio-27137-exec-5] [atlassian.confluence.servlet.ConfluenceServletDispatcher] sendError Could not execute action
│ -- referer: http://localhost:27137/c7137/resetuserpassword.action?username=test6&token=9ad2133e4aad38cc7667184778dbdb943cf23c95 | url: /c7137/doresetuserpassword.action | traceId: 0b53fa96ad7c746c | userName: anonymous
│com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
│       at com.atlassian.confluence.user.DefaultUserAccessor.alterPassword(DefaultUserAccessor.java:1071)
│       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
│       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
│       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
│       at java.lang.reflect.Method.invoke(Method.java:498)

Workaround

Option 1 for existing users

1. It's reported it's possible for admins to reset the password from user management
2. Then the user can manually change it it under their profile - that method is not affected

Option 2 for new users

1. Send the invitation link instead of creating the accounts. That allows them to enter all details and the password is saved.
   1. Or create the account but set the password and allow them to change it as above