typo3/cms-backend is vulnerable to cross-site scripting. An authenticated malicious user is able to inject and execute malicious script via the content elements of type menu when their referenced items get previewed in the page module.
CPE | Name | Operator | Version |
---|---|---|---|
typo3/cms-backend | le | v11.1.0 | |
typo3/cms-backend | le | v10.4.13 |