It has been discovered that the extension ve_guestbook is vulnerable to SQL Injection attacks. Also, a Cross Site Scripting issue has been detected.

More... (http://news.typo3.org/news/article/typo3-security-bulletin-20070801-1-multiple-vulnerabilities-in-extension-ve-guestbook/)