Cross-Site Scripting in legacy form component

PKSA-8b88-yvbs-1t53

Affected package: typo3/cms

Affected version: >=6.2.0,<6.2.18

Reported by:
FriendsOfPHP/security-advisories