EPSS
Percentile
26.2%
typo3/cms-backend is vulnerable to cross-site scripting. An authenticated malicious user is able to inject and execute malicious script via the descriptionColumn when their content gets previewed.
github.com/TYPO3-CMS/backend/commit/ab45a6b01ae7641505af0fe4d5a52507b2801d87
github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-fjh3-g8gq-9q92
packagist.org/packages/typo3/cms-backend
typo3.org/security/advisory/typo3-core-sa-2021-007