TYPO3-CORE-SA-2015-012: Cross-Site Scripting vulnerability in typolinks
All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert javascript commands by using the url scheme “javascript:”.
References
Detect and mitigate TYPO3-CORE-SA-2015-012 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →