It has been discovered that the extension "Static Info Tables" (static_info_tables) is vulnerable to Cross-Site Scripting.

More... (http://typo3.org/news/article/cross-site-scripting-vulnerability-in-extension-static-info-tables-static-info-tables/)