[MEDIUM] XSS vulnerabililty in the front end "unsubscribe" module of the newsletter extension

PKSA-ypy6-knh4-dm44 CVE-2018-5478 GHSA-mpg7-2rx9-h5qp

Affected package: contao/core

Affected version: >=3.0.0,<3.5.32

Reported by:
FriendsOfPHP/security-advisories, GitHub