Typo3 Cross-Site Scripting in Language Pack Handling

Published: Jun 5, 2024
Updated: Jun 27, 2024
GHSA: <a href="https://github.com/advisories/GHSA-259v-xm34-p7fr" target="_blank" rel="noopener"> GHSA-259v-xm34-p7fr
Severity: Medium
Exploit:

Failing to properly encode information from external sources, language pack handling in the install tool is vulnerable to cross-site scripting.