Cross-site Scripting in eZFind spellcheck
This security advisory fixes a vulnerability in the legacy eZ Find extension, which can be used with the LegacyBridge in eZ Platform. It affects sites using the "Did you mean…?" spell check / search suggestion feature. This feature is vulnerable to Cross-site Scripting (XSS) injection (reflected XSS). The update adds the necessary escaping of injected code. If you're affected, we recommend that you install it as soon as possible. If …