Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.
https://developer.joomla.org/security-centre/928-20240204-core-xss-in-mail-address-outputs.html
https://developer.joomla.org/security-centre/928-20240204-core-xss-in-mail-address-outputs.html