Name of the Vulnerable Software and Affected Versions: TYPO3 (affected versions not specified)

Description: The issue arises from the failure to properly encode user input, making notifications shown in modal windows in the backend susceptible to cross-site scripting. A valid backend user account is required to exploit this issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.