Here is a list of what was fixed since 11.5.22:

• 2023-02-07 03f79d4d1b [RELEASE] Release of TYPO3 11.5.23 (thanks to Oliver Hader)
• 2023-02-07 b809408340 [SECURITY] Prevent XSS due to wrong PATH_INFO evaluation (thanks to Benjamin Franzke)
• 2023-02-07 c008616da3 [TASK] Improve comments and readability in PageArgumentValidator (thanks to Benjamin Franzke)
• 2023-02-07 adaa7dc03c [BUGFIX] Avoid disabling page caches when having cHash validation enforced (thanks to Oliver Hader)
• 2023-02-06 840f8af3ea [BUGFIX] Enforce validation when no cHash is given (thanks to Benni Mack)
• 2023-02-04 fa9a99f2f8 [TASK] Update PHP dependencies (thanks to Benni Mack)
• 2023-02-04 031cbb66f0 [TASK] Migrate deprecated PHPUnit 9 methods (thanks to Nikita Hovratov)
• 2023-02-03 90b8572246 [BUGFIX] Fix PHP 8 warning in ExtendedTemplateService (thanks to Thomas Hohn)
• 2023-02-02 c5fe4ed0ab [BUGFIX] Avoid re-paints and re-layouts in page tree on drag&drop (thanks to Andreas Fernandez)
• 2023-02-01 a7bc75b469 [BUGFIX] Fix PHP 8 warning in RootlineUtility (thanks to Thomas Hohn)
• 2023-02-01 25c504c328 [BUGFIX] Fix PHP 8 warning in ContentObjectRenderer (thanks to Thomas Hohn)
• 2023-02-01 eb918cff11 [TASK] Cleanup of type for sameBeginEnd in ContentObjectRenderer (thanks to Thomas Hohn)
• 2023-01-31 ed71a0e451 [DOCS] Fix typo in argument numbers in migration section (thanks to Česlav Przywara)
• 2023-01-30 60b87b18b7 [BUGFIX] Prevent possible null pointer exception in data processors (thanks to Oliver Bartsch)
• 2023-01-27 df81e5c358 [TASK] Replace localization methods in PageLayoutController (thanks to Andreas Fernandez)
• 2023-01-27 9f9fcff1d3 [BUGFIX] Respect titleLen setting for page title in page module (thanks to Oliver Bartsch)
• 2023-01-27 6f78ef21c3 [BUGFIX] Fix PHP 8 warning in BackendUtility (thanks to Thomas Hohn)
• 2023-01-26 031920a282 [BUGFIX] Use correct language constraint in PageLayoutController (thanks to Oliver Bartsch)
• 2023-01-26 6ad764a4a4 [BUGFIX] Use correct object to build "copy" payload (thanks to Andreas Fernandez)
• 2023-01-25 8ca13f87ce [BUGFIX] Set proper groups in AdminPanel (thanks to Achim Fritz)
• 2023-01-25 089fd4c582 [BUGFIX] Fix PHP 8 warning in AbstractPlugin (thanks to Benni Mack)
• 2023-01-25 7ddd89e605 [BUGFIX] Restore record date fields for all users (thanks to Oliver Bartsch)
• 2023-01-24 d00b800261 [BUGFIX] Fix PHP 8 warning in ContentObjectRenderer (thanks to Thomas Hohn)
• 2023-01-24 e83051ca96 [BUGFIX] Fix PHP 8 warning in TMENU (thanks to Benni Mack)
• 2023-01-24 284985758e [BUGFIX] Fix undefined key warning in indexed_search (thanks to Benni Mack)
• 2023-01-24 8e56d00426 [BUGFIX] Fix PHP warning in Recycler (thanks to Benni Mack)
• 2023-01-24 eceec87811 [BUGFIX] Fix PHP 8 warning in TreeDataProvider (thanks to Benni Mack)
• 2023-01-24 dde772e3ce [BUGFIX] Fix PHP 8 warning in ContentObjectRenderer (thanks to Benni Mack)
• 2023-01-23 94a90d426c [BUGFIX] Enforce processing images stored in typo3temp (thanks to Oliver Hader)
• 2023-01-23 55b722720d [BUGFIX] Handle disabled default language in PageContentErrorHandler (thanks to Oliver Bartsch)
• 2023-01-23 540bdd8052 [BUGFIX] Prevent duplicate ckeditor instances when moving inline fields (thanks to Nikita Hovratov)
• 2023-01-23 008068ba8d [BUGFIX] Fix notice in FrontendConfigurationManager (thanks to Georg Ringer)
• 2023-01-22 151dc97832 [BUGFIX] Make http_makelinks more fault tolerant (thanks to Thomas Hohn)
• 2023-01-20 85c8b734a9 [BUGFIX] Make SITE: placeholder work in foreign_selector (thanks to David Blatter)
• 2023-01-20 a6af00eb99 [BUGFIX] Do not trigger setUpdateSignal in CLI (thanks to Benni Mack)
• 2023-01-20 e3b1dd7c10 [DOCS] Add hint about relative targets in redirects (thanks to Josef Glatz)
• 2023-01-19 b1e7db956e [BUGFIX] Prevent PHP fatal error in scheduler (thanks to linawolf)
• 2023-01-18 fac14109df [DOCS] Add hint to HtmlViewHelper about avoiding usage in backend context (thanks to Chris Müller)
• 2023-01-18 44fc8221d3 [BUGFIX] Avoid logging of invalid locales in site configuration (thanks to Benni Mack)
• 2023-01-17 a0c0e57a7b [BUGFIX] Allow CSP inline styles in directly requested SVG files (thanks to Oliver Hader)
• 2023-01-17 504abbed30 [BUGFIX] Handle absolute web paths in FormEngineUtility::getIconHtml (thanks to Nikita Hovratov)
• 2023-01-17 4cc434ad40 [BUGFIX] Avoid undef array key in TcaRecordTitle (thanks to Christian Kuhn)
• 2023-01-17 789a9ad651 [BUGFIX] Mute autoplayed videos (thanks to Georg Ringer)
• 2023-01-17 69f66f64d2 [TASK] Update to PHPStan 1.9.12 (thanks to Oliver Klee)
• 2023-01-17 cb73bb2a7f [BUGFIX] Avoid undef array key in SearchController (thanks to Christian Kuhn)
• 2023-01-17 2b65aef1f8 [BUGFIX] Avoid undef array key in QueryGenerator (thanks to Christian Kuhn)
• 2023-01-17 ac629148b6 [BUGFIX] Respect HTTP_REFERER for felogin redirect mode 'referer' (thanks to Torben Hansen)
• 2023-01-16 222b86b49f [BUGFIX] Deduplicate slugs with language -1 (thanks to Sybille Peters)
• 2023-01-16 6b6edb6ea7 [TASK] Show explain selection in DB check only for Mysql (thanks to Georg Ringer)
• 2023-01-16 9e5cda6b7d [DOCS] Move adminpanel TypoScript into manual (thanks to linawolf)
• 2023-01-16 35dec1645c [BUGFIX] Harden type annotations around user authentication handling (thanks to Elias Häußler)
• 2023-01-13 8c1bba317a [BUGFIX] Save+preview respects local PageTS (thanks to Philipp Kitzberger)
• 2023-01-12 29d4ecc1a6 [BUGFIX] Avoid double hsc() in NoneElement (thanks to Christian Kuhn)
• 2023-01-11 439e6c29c8 [BUGFIX] Ensure that formatValue for dates/times returns a string (thanks to Markus Klein)
• 2023-01-11 9f6adb9b6a [BUGFIX] Fix notices in QueryGenerator (thanks to Georg Ringer)
• 2023-01-11 690ce5e42e [BUGFIX] Avoid undef array key in ContentObjectRenderer (thanks to Christian Kuhn)
• 2023-01-11 30fa767c58 [BUGFIX] Avoid uninitialized string offset in ContentObjectRenderer (thanks to Christian Kuhn)
• 2023-01-10 4a8fbff21b [TASK] Set TYPO3 version to 11.5.23-dev (thanks to Benni Mack)