diff --git a/typo3/sysext/core/Classes/Utility/RootlineUtility.php b/typo3/sysext/core/Classes/Utility/RootlineUtility.php
index 13e661495de4053fea75ea03cc837c217773396f..f4867a4273d61d926e641b0a8684eb557f092f4e 100644
--- a/typo3/sysext/core/Classes/Utility/RootlineUtility.php
+++ b/typo3/sysext/core/Classes/Utility/RootlineUtility.php
@@ -133,7 +133,7 @@ class RootlineUtility
 */
 public function __construct($uid, $mountPointParameter = '', $context = null)
 {
- $this->mountPointParameter = trim((string)$mountPointParameter);
+ $this->mountPointParameter = $this->sanitizeMountPointParameter($mountPointParameter);
 if (!($context instanceof Context)) {
 $context = GeneralUtility::makeInstance(Context::class);
 }
@@ -419,6 +419,23 @@ class RootlineUtility
 return $mountedPageData;
 }
 
+ /**
+ * Sanitize the MountPoint Parameter
+ * Splits the MP-Param via "," and removes mountpoints
+ * that don't have the format \d+-\d+
+ */
+ protected function sanitizeMountPointParameter(string $mountPointParameter): string
+ {
+ $mountPoints = GeneralUtility::trimExplode(',', $mountPointParameter);
+ foreach ($mountPoints as $key => $mP) {
+ // If MP has incorrect format, discard it
+ if (!preg_match('/^\d+-\d+$/', $mP)) {
+ unset($mountPoints[$key]);
+ }
+ }
+ return implode(',', $mountPoints);
+ }
+
 /**
 * Parse the MountPoint Parameters
 * Splits the MP-Param via "," for several nested mountpoints
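Review bot: The replacement line in `__construct` (first hunk) drops the `(string)` cast that the removed `trim((string)$mountPointParameter)` applied, while the new `sanitizeMountPointParameter()` declares a `string` parameter and the constructor argument itself is untyped. A caller that passes `null` (or, if the file declares strict types, an integer) would now get a TypeError before any sanitising happens, where the old code accepted the value. Keeping the cast at the call site preserves the old tolerance: `$this->mountPointParameter = $this->sanitizeMountPointParameter((string)$mountPointParameter);`. The constructor body continues outside the hunk.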
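Review bot: In `sanitizeMountPointParameter()` (second hunk) the pattern `/^\d+-\d+$/` ends with `$`, which in PCRE also matches just before a trailing newline, so the filter is exact only because `trimExplode()` presumably strips whitespace from each element first. Anchoring with `\z` makes the check self-contained: `if (!preg_match('/^\d+-\d+\z/', $mP)) {`. The digit runs are also unbounded, so if later code casts the parts to integers, a very long value could pass the filter and then overflow; that code is not visible here, so it is worth confirming. The docblock could also say that malformed entries are dropped silently and the remaining ones keep their order, since that changes which mount chain a partly invalid MP value resolves to.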