diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index dbd47f84d..a02c92658 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -72,7 +72,7 @@ public function changePassword(
 
             // The logout method applies an automatic protection against CSRF attacks;
             // it's explicitly disabled here because the form already has a CSRF token validated.
-            return $security->logout(validateCsrfToken: false);
+            return $security->logout(validateCsrfToken: false) ?? $this->redirectToRoute('homepage');
         }
 
         return $this->render('user/change_password.html.twig', [