Tue. 19th December, 2017
It has been discovered that the extension "Caretaker" (caretaker) is susceptible to Cross-Site Scripting.
This is a companion discussion topic for the original entry at https://new.typo3.org/article/cross-site-scripting-in-extension-caretaker-caretaker/