TYPO3 Security Bulletin
It has been discovered that the extension WEC Discussion Forum wecdiscussion is vulnerable to Cross-Site Scripting XSS and SQL injection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.7.0 and all versions below...