Headline
GHSA-p5c5-gmj4-g48f: Cross-Site Scripting (XSS) vulnerability in typolinks
All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme "data:".
Cross-Site Scripting (XSS) vulnerability in typolinks
Moderate severity GitHub Reviewed Published Jun 5, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024