[MEDIUM] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form

PKSA-yhyy-7dgg-qhcw CVE-2021-21358 GHSA-x79j-wgqv-g8h2

Affected version: >=11.0.0,<=11.1.0|>=10.2.0,<=10.4.13

Reported by:
GitHub

[HIGH] Broken Access Control in Form Framework

PKSA-4b8g-5w89-fbw3 CVE-2021-21357 GHSA-3vg7-jw9m-pc3f

Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39

Reported by:
GitHub

[HIGH] Unrestricted File Upload in Form Framework

PKSA-nkrd-9vf5-fnjp CVE-2021-21355 GHSA-2r6j-862c-m2v2

Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39

Reported by:
GitHub