Drupal 8.x

Drupal: 8.9.16
PHP: 7.2.34
MySQL: 5.7.28

As a result of a website vulnerability assessment, the following value on the node submission confirmation screen was found to be a cross-site scripting vulnerability.

The site said that the following values are considered cross-site scripting vulnerabilities.

Image field [Description]
Text (plain, long) field

I couldn't find any place to escape these fields.
How should I handle this?

Thank you.

Hey Devs,

I've been tasked with adding an alt to all images of a certain content type.

Each node from the content type may consider 1 or more images.
For now, I have to add the title of the node as the alt for each image.

Proposed Solution:

Hi,

I have a field called "Facsimiles" on my content nodes where I load openseadragon.js locally and everything works just fine. (example: https://fontesistrie.eu/507_CV)

Friends, in Drupal 10 I am suffering much more than expected to be able to do what I did in Drupal 7.
I know that Drupal has changed a lot since version 8.
The question is: should I have installed Drupal 9 because I will have less problems with instabilities and module incompatibilities? or follow on Drupal 10?
What is the opinion of expert friends?
Thanks!

I'm upgrading a Drupal 8.9.19 site to Drupal 9. I imagine it wouldn't be as simple as going straight to 9.5.7, is there a suggested upgrade path to get there?

I also have a number of modules which are out of date. I don't know whether to upgrade these first, or try to run the 8->9 upgrade and then run the module updates after?

p.s. The reason I can only go as high as Drupal 9 is a module dependency (CiviCRM) that is only supported up to Drupal 9 at the moment.

Thanks!