GHSA-FV2M-9249-QX85 TYPO3 CMS vulnerable to Cross-Site Scripting in <f:asset.css> view helper
Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.1 Problem It has been discovered that the f:asset.css view helper is vulnerable to cross-site scripting when user input is passed as variables to the CSS. Solution Update to TYPO3 version 10.4.32 or 11.5.16 that fix the probl...