CVE-2008-2450
Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Date published : 2008-05-27
http://typo3.org/teams/security/security-bulletins/typo3-20080513-4