typo3/cms is vulnerable to HTML injection. The vulnerability exists due to the lack of sanitization of the receiverName parameter in PasswordRecovery.html, allowing an attacker to inject and execute malicious HTML content on the web page.
github.com/TYPO3/typo3/commit/479363285cda70d0eefc605d67f1a49f0bdf9b44
github.com/TYPO3/typo3/commit/7d46791c9092db9bc46193f3d10a64e575c1b35a
github.com/TYPO3/typo3/commit/da611775f92102d7602713003f4c79606c8a445d
github.com/TYPO3/typo3/security/advisories/GHSA-h4mx-xv96-2jgm
review.typo3.org/c/Packages/TYPO3.CMS/+/74895
typo3.org/security/advisory/typo3-core-sa-2022-004