typo3/cms-core is vulnerable to Information Disclosure. The vulnerability exists due to a lack of sanitization of log files in the ‘writeLogEntries’ function of ‘AbstractExceptionHandler.php’ which allows an unauthorized user to gain access to the system and view sensitive information.
github.com/TYPO3/typo3/commit/c93ea692e7dfef03b7c50fe5437487545bee4d6a
github.com/TYPO3/typo3/commit/f9a1f1830ab123374ddbeb10bd54a2dde1349011
github.com/TYPO3/typo3/commit/fb542d43c7e50fd723e393becf01259ae2f41250
github.com/TYPO3/typo3/security/advisories/GHSA-fh99-4pgr-8j99
typo3.org/security/advisory/typo3-core-sa-2022-002