TYPO3 is the most widely used enterprise content management system with more than 500.000 installations. I have recently discovered a Non-Persistent Cross-Site Scripting vulnerability in its core and disclosed the details of the vulnerability publicly as CVE-2015-5956. This blog article should give you
CVE-2015-5956: Bypassing the TYPO3 Core XSS Filter
