brotkrueml/typo3-matomo-integration is vulnerable to cross-site scripting. The vulnerability exists in convertStringValue
function in MatomoMethodCall.php
because the content from PSR-14 events are not properly escaped which allows an attackers to inject and execute arbitrary javascript.