Lucene search

K
osvGoogleOSV:GHSA-374W-GWQR-FMXG
HistoryJun 17, 2022 - 9:46 p.m.

brotkrueml/schema fails to properly encode user input for output in HTML context, leading to XSS

2022-06-1721:46:14
Google
osv.dev
15
xss
typo3
vulnerability

EPSS

0.001

Percentile

22.7%

The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability.

EPSS

0.001

Percentile

22.7%