XSS injection in backoffice

PKSA-ypt7-9px1-jhvb

Affected version: >=2.1.0,<2.1.2

Reported by:
FriendsOfPHP/security-advisories