EPSS
Percentile
21.2%
typo3/cms-core is vulnerable to cross-site scripting (XSS). The vulnerability exists as decoded entities generated by the typolink functionality were not encoded back to HTML before it gets rendered.
github.com/advisories/GHSA-4j77-gg36-9864
github.com/TYPO3/TYPO3.CMS/commit/0040b7b3b690118b3acbb12619d318386dec5a33
github.com/TYPO3/TYPO3.CMS/commit/931a4fc070a19b368830cad2631b10d94fc63f81
github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4j77-gg36-9864