It has been discovered that the extension mm_forum is vulnerable to multiple SQL Injection attacks and multiple XSS flaws alongside other vulnerabilities.

More... (http://news.typo3.org/news/article/typo3-security-bulletin-20070919-1-multiple-vulnerabilities-in-extension-mm-forum/)