Cross-Site Scripting (XSS)

haffner/jhcaptcha extension of Typo3 is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser using the TypoScript parameters in the ReCaptcha Validator and View Helper pages...