[MEDIUM] Cross-Site Scripting in Fluid ViewHelpers

PKSA-x7y9-5n9c-2k2x GHSA-f3wf-q4fj-3gxf

Affected package: typo3/cms

Affected version: >=8.0.0,<8.7.23|>=9.0.0,<9.5.4

Reported by:
GitHub, FriendsOfPHP/security-advisories