[SECURITY] t3lib_div::quoteJSvalue allows XSS