Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.
Advisories for Composer/Typo3/Cms-Fluid package
2022
TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.