[MEDIUM] Cross-Site Scripting in Fluid Engine

PKSA-tttn-qhs1-tx1g CVE-2020-15241 GHSA-7733-hjv6-4h47

Affected package: typo3fluid/fluid

Affected version: >=2.0.0,<2.0.5|>=2.1.0,<2.1.4|>=2.2.0,<2.2.1|>=2.3.0,<2.3.5|>=2.4.0,<2.4.1|>=2.5.0,<2.5.5|>=2.6.0,<2.6.1

Reported by:
GitHub, FriendsOfPHP/security-advisories