/servlets/ajax_file_upload?fieldName=binary3 in dotCMS 5.1.1 allows XSS and HTML Injection.Referenceshttp://packetstormsecurity.com/files/152788/dotCMS-5.1.1-HTML-Injection.html
