WordPress is vulnerable to cross site scripting. The vulnerability exists due to an Inappropriate implementation allowed a remote privileged authenticated users to abuse content security policy.
github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w
lists.debian.org/debian-lts-announce/2022/01/msg00019.html
lists.fedoraproject.org/archives/list/[email protected]/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/
lists.fedoraproject.org/archives/list/[email protected]/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/
security-tracker.debian.org/tracker/CVE-2022-21662
wordpress.org/news/2022/01/wordpress-5-8-3-security-release/
www.debian.org/security/2022/dsa-5039