[MEDIUM] TYPO3-CORE-SA-2022-010: Cross-Site Scripting in <f:asset.css> view helper

PKSA-wjjh-fbmt-t55w CVE-2022-36108 GHSA-fv2m-9249-qx85

Affected package: typo3/cms-core

Affected version: >=10.0.0,<10.4.32|>=11.0.0,<11.5.16

Reported by:
GitHub, FriendsOfPHP/security-advisories