CVE-2021-32667
TYPO3 is vulnerable to a persistent cross-site scripting (XSS) in the Page TSconfig-driven Web>View page preview. A backend user is needed to exploit. Affected are TYPO3 CMS versions: 9.0.0–9.5.28, 10.0.0–10.4.17, and 11.0.0–11.3.0. The issue arises when Page TSconfig settings are not properly...