silverstripe/cms is vulnerable to cross-site scripting. The vulnerability exists due to lack of validation in the custom meta tag tool in SiteTree.php
which allows a remote attacker to inject and execute malicious JavaScript into the system.
forum.silverstripe.org/c/releases
github.com/advisories/GHSA-pp74-g2q5-j4jf
github.com/silverstripe/silverstripe-cms/commit/8526067c738cb44179b102c6ac20a8b666c2ca56
www.silverstripe.org/blog/tag/release
www.silverstripe.org/download/security-releases/
www.silverstripe.org/download/security-releases/CVE-2022-37421