1

I just downloaded Tor Browser Bundle and extracted it.

I had no copy of my Tor Nodes Settings, so I just browsed using the standard nodes and I forgot to disable JavaScript.

I did not notice anything suspicious while I was browsing; all the homepages looked like the ones I was trying to reach. Still, I am asking myself if my DNS connection could have been manipulated and if I could have been forwarded to a malware-hosting homepage.

2 Answers

3

For your question, you can imagine Tor like a proxy whose administrator can see everything you do if it is not encrypted.

Any unencrypted content you send through Tor can be seen by the owner of the first and the last node. And any content that is not signed can potentially be altered by these nodes.

Here is an article about a security researcher trying to identify nodes sniffing traffic: https://chloe.re/2015/06/20/a-month-with-badonions/

EDIT: I had not read her last article about content manipulation by exit nodes, but this clearly shows HTTPS may be recommended: https://chloe.re/2015/06/30/this-weeks-tor-attacks/

Jyo de Lys
  • seen by owner of first and to the last or from the first to the last nodes? The information can be sniffed in whatever hop it is.. –  Jul 31 '15 at 18:15
  • It has always been recommended to use HTTPS with Tor. If no means of security is used with Tor, plaintext can be seen from the exit node to the destination. Here is a [related question and answer.](https://security.stackexchange.com/questions/72679/differences-between-using-tor-browser-and-vpn) – RoraΖ Aug 03 '15 at 11:41
1

There is just one thing I want to correct in the good answer of @JoedeLyes: Tor has no control over the traffic between the exit node and the destination server. I mean it cannot encrypt in any way the communication between the exit node and the destination server, and that is one of the weaknesses of Tor, because exit nodes are vulnerable to eavesdropping.

As for disabling JavaScript, it is a matter of pros and cons: when you whitelist websites by disabling JS when you visit them, your behavior becomes a sort of cookie that makes you recognizable, and you're not that strongly anonymous anymore. But disabling it protects you from browser vulnerabilities too. But you have to know that JS is enabled by default in Tor Browser.

Talking about DNS requests being forwarded to malicious targets, that sounds extremely difficult given how Tor nodes function; however, it is claimed that the NSA redirects identified Tor users to another set of its own secret Internet servers.

  • Did I miss something in that admittedly interesting article you linked? It does not testify that the NSA is redirecting Tor users, which would be an attack possibly caused by DNS spoofing/poisoning, but more like that the GCHQ is able to sniff HTTPS traffic, if I interpreted it correctly. – Junior J. Garland Jul 31 '15 at 16:49