innologi/typo3-appointments is vulnerable to cross-site scripting (XSS) attacks. The library does not properly escape the special characters before it outputs to the front-end, allowing an attacker to inject and execute malicious JavaScript via various formfield
values.
CPE | Name | Operator | Version |
---|---|---|---|
innologi/typo3-appointments | le | 2.0.5 | |
innologi/typo3-appointments | le | 2.0.5 |