CVE-2020-26227: Cross-site Scripting
(updated )
TYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 that fix the problem described.
References
Detect and mitigate CVE-2020-26227 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →