It has been discovered that the system extension indexed_search is vulnerable to a SQL Injection flaw.

More... (http://news.typo3.org/news/article/typo3-security-bulletin-20071210-1-sql-injection-in-system-extension-indexed-search/)