TYPO3 Cross-Site Scripting in Language Pack Handling

Published: May 30, 2024
Updated: Jun 27, 2024
GHSA: <a href="https://github.com/advisories/GHSA-76r3-m635-p3vc" target="_blank" rel="noopener"> GHSA-76r3-m635-p3vc
Severity: Medium
Exploit:

Failing to properly encode information from external sources, language pack handling in the install tool is vulnerable to cross-site scripting.