[MEDIUM] Cross-Site Scripting in legacy form component

PKSA-8b88-yvbs-1t53 GHSA-8j9v-4hhh-x43c

Affected package: typo3/cms

Affected version: >=6.2.0,<6.2.18

Reported by:
GitHub, FriendsOfPHP/security-advisories