A cross-site scripting vulnerability was found in an unknown function of the component Table Import Handler. The manipulation of the argument Import data leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.