Bug #84591
Updated by Oliver Hader over 6 years ago
> Today I built a CacheManipulateClass for a customer to flush a few news caches. (Please do not judge this way of flushing caches. I know about clearCacheCmd.)
>
> Context: Regular BE login and a sitepackage extension which registers this class.
>
> Proof of Concept: My class adds this identifier
> <pre>
> /**
>  * @param array $cacheActions
>  * @param array $optionValues
>  *
>  * @return void
>  */
> public function manipulateCacheActions(&$cacheActions, &$optionValues)
> {
>     $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
>     $cacheActions[] = [
>         'id' => 'news_clear_cache',
>         'title' => 'Flush news caches',
>         'description' => 'Clear fluid cache for frontend pages with news',
>         'href' => (new UriBuilder())->buildUriFromRoute('news_clear_cache'),
>         'icon' => '<script>alert(document.cookie);</script>'
>     ];
> }
> </pre>
> In TYPO3 7.6.x the cache manipulator has the option "icon", which is handled at TYPO3/v7/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
> In the function getDropdown (line 160) the function calls $cacheAction['icon'] without htmlspecialchars().
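
The behaviour described in the report, as an added example that is not part of the original report and is not TYPO3's `getDropdown()` code: a simplified renderer that emits the `icon` value either as-is or passed through `htmlspecialchars()`. The helper `e()`, the function `renderCacheAction()`, the surrounding markup and the placeholder `href` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: HTML-escape a value for element or attribute context.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical renderer for one dropdown entry (a stand-in, not TYPO3 code).
// $escapeIcon = false reproduces the reported behaviour: 'icon' is emitted raw.
function renderCacheAction(array $action, bool $escapeIcon): string
{
    $icon = (string)($action['icon'] ?? '');
    if ($escapeIcon) {
        $icon = e($icon);
    }
    return '<li><a href="' . e((string)$action['href']) . '" title="'
        . e((string)$action['description']) . '">'
        . $icon . ' ' . e((string)$action['title']) . '</a></li>';
}

// Constructed sample: the entry from the report, with a placeholder href
// in place of the UriBuilder call.
$cacheActions = [[
    'id' => 'news_clear_cache',
    'title' => 'Flush news caches',
    'description' => 'Clear fluid cache for frontend pages with news',
    'href' => '/placeholder/news_clear_cache',
    'icon' => '<script>alert(document.cookie);</script>',
]];

foreach ($cacheActions as $action) {
    foreach ([false, true] as $escapeIcon) {
        $html = renderCacheAction($action, $escapeIcon);
        // A live <script> tag in the output means the browser would execute it.
        $hasScriptTag = stripos($html, '<script') !== false;
        printf(
            "escapeIcon=%s scriptTag=%s\n%s\n\n",
            var_export($escapeIcon, true),
            var_export($hasScriptTag, true),
            $html
        );
    }
}
```

With escaping on, any markup placed in `icon` is shown as text rather than rendered.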