GHSA-p5c5-gmj4-g48f: Cross-Site Scripting (XSS) vulnerability in typolinks
All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme “data:”.
References
Detect and mitigate GHSA-p5c5-gmj4-g48f with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →