Description
The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2022-21624 Vulnerability (CVE-2022-21624)
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.20)
MySQL CVE-2020-14829 Vulnerability (CVE-2020-14829)
WordPress Plugin WordPress Facebook Multiple Cross-Site Scripting Vulnerabilities (1.0.10)
WordPress Plugin Google Doc Embedder Multiple Vulnerabilities (2.6.1)