GHSA-gvxv-p9rv-gmcg: Cross-Site Scripting

The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability.