[Security] prevent user to input multiline value

Since the configuration module write the value as tsconfig in the sysfolder,
it was possible for user to send multiline value through the module. This fix will
ignore multiline value and only saves first line as tsconfig value

Classes/Utility/TsUtility.php

@@ -62,7 +62,13 @@ public function updatePagesTSconfig(int $id, array $pageTs, string $tsConfPrefix
             }
             $set = [];
             foreach ($pageTs as $f => $v) {
-                $v = trim($v);
+                // only get the first line of input and ignore the rest
+                $v = strtok(trim($v), "\r\n");
+                // if token is not found (false)
+                if ($v === false) {
+                    // then set empty string
+                    $v = '';
+                }
                 $f = $tsConfPrefix . $f;
                 $tempF = isset($impParams[$f]) ? trim($impParams[$f]) : '';
                 if (strcmp($tempF, $v)) {

ext_emconf.php

@@ -9,7 +9,7 @@
     'author_company' => 'd.k.d Internet Service GmbH',
     'state' => 'stable',
     'clearcacheonload' => 0,
-    'version' => '9.5.1',
+    'version' => '9.5.2',
     'constraints' => [
         'depends' => [
             'typo3' => '11.5.0-11.99.99',