DotCMS version 3.5 Beta suffers from a cross site scripting vulnerability.