Bug #84591

Updated by Oliver Hader over 2 years ago

> Today I built a CacheManipulateClass for a customer to flush a few news caches. (Please do not judge this way of flushing caches. I know about clearCacheCmd.)
> Context: Regular BE login and a sitepackage extension which registers this class.
> Proof of Concept: My class adds this identifier:

```php
/**
 * @param array $cacheActions
 * @param array $optionValues
 * @return void
 */
public function manipulateCacheActions(&$cacheActions, &$optionValues)
{
    $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
    $cacheActions[] = [
        'id' => 'news_clear_cache',
        'title' => 'Flush news caches',
        'description' => 'Clear fluid cache for frontend pages with news',
        'href' => (new UriBuilder())->buildUriFromRoute('news_clear_cache'),
        // Proof of concept: markup instead of an icon, rendered unescaped by the toolbar
        'icon' => '<script>alert(document.cookie);</script>',
    ];
}
```

> In TYPO3 7.6.x the cache manipulator has the option "icon", which is handled in TYPO3/v7/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
> In the function getDropdown (line 160), the function uses $cacheAction['icon'] without htmlspecialchars().
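
The rendering pattern the report describes, as an added sketch that is not TYPO3's code and not part of the original report: a hook-supplied `icon` value concatenated into the dropdown as-is, next to a variant that treats it as an identifier and escapes every field. The function names, the allow-list, the fallback name and the sample `href` are assumptions made for the illustration.

```php
<?php
// Hypothetical allow-list of icon identifiers (constructed for this example).
const ALLOWED_ICONS = ['actions-system-cache-clear', 'actions-refresh'];

// Pattern from the report: 'icon' reaches the output without htmlspecialchars().
function renderDropdownRaw(array $cacheActions): string
{
    $items = [];
    foreach ($cacheActions as $action) {
        $items[] = '<a href="' . htmlspecialchars($action['href'], ENT_QUOTES, 'UTF-8') . '">'
            . $action['icon'] . ' '
            . htmlspecialchars($action['title'], ENT_QUOTES, 'UTF-8') . '</a>';
    }
    return '<ul><li>' . implode('</li><li>', $items) . '</li></ul>';
}

// Hardened variant: 'icon' is only ever an identifier, checked and escaped.
function renderDropdownHardened(array $cacheActions): string
{
    $items = [];
    foreach ($cacheActions as $action) {
        $icon = in_array($action['icon'], ALLOWED_ICONS, true)
            ? $action['icon']
            : 'fallback-icon'; // constructed fallback name
        $items[] = '<a href="' . htmlspecialchars($action['href'], ENT_QUOTES, 'UTF-8') . '">'
            . '<span class="icon icon-' . htmlspecialchars($icon, ENT_QUOTES, 'UTF-8') . '"></span> '
            . htmlspecialchars($action['title'], ENT_QUOTES, 'UTF-8') . '</a>';
    }
    return '<ul><li>' . implode('</li><li>', $items) . '</li></ul>';
}

// Constructed sample with the same shape as the entry in the report.
$actions = [[
    'id' => 'news_clear_cache',
    'title' => 'Flush news caches',
    'href' => '/typo3/index.php?route=news_clear_cache', // constructed URL
    'icon' => '<script>alert(document.cookie);</script>',
]];

// Report whether the supplied markup survives into each rendering.
var_dump(strpos(renderDropdownRaw($actions), '<script>') !== false);
var_dump(strpos(renderDropdownHardened($actions), '<script>') !== false);
```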