[MEDIUM] Cross-Site Scripting in Online Media Asset Rendering

PKSA-qszd-7zv5-3hkx GHSA-66c2-7g4p-wx4p

Affected package: typo3/cms-core

Affected version: >=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories