CVE-2009-4953

TYPO3 sg_userdata (Userdata Create/Edit) extension vulnerable to Cross-site Scripting (XSS) in versions before 0.91.0. The issue permits injection of arbitrary script/HTML via unspecified vectors; CVSSv2 base score 4.3 (Medium). Remediation per TYPO3 security bulletin TYPO3-SA-2009-005 is to upda...