[MEDIUM] TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine

PKSA-k1cr-xs53-x3zz CVE-2020-11064 GHSA-43gj-mj2w-wh46

Affected package: typo3/cms-core

Affected version: >=10.0.0,<10.4.2|>=9.0.0,<9.5.17

Reported by:
GitHub, FriendsOfPHP/security-advisories