Cross-site Scripting (XSS)

typo3/cms is vulnerable to cross-site scripting.The vulnerability exists in dumpAction function in FileDumpController.php due to exposing stored files from the backend user interface through a corresponding service-side process, which allows an attacker to inject and execute malicious javascript...