Typo3 · Typo3 · CVE-2022-31048
**Name of the Vulnerable Software and Affected Versions**
TYPO3 versions prior to 8.7.47 ELTS
TYPO3 versions prior to 9.5.34 ELTS
TYPO3 versions prior to 10.4.29
TYPO3 versions prior to 11.5.11
**Description**
The Form Designer backend module of the Form Framework in TYPO3 is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this issue.
**Recommendations**
Update to TYPO3 version 8.7.47 ELTS or later
Update to TYPO3 version 9.5.34 ELTS or later
Update to TYPO3 version 10.4.29 or later
Update to TYPO3 version 11.5.11 or later