It has been discovered that the extension WT Gallery (wt_gallery) is susceptible to Path Traversal and Cross Site Scripting (XSS) attacks. Besides that, it may disclose sensitive information.

More... (http://news.typo3.org:80/news/article/security-bulletin-typo3-20080513-1-multiple-vulnerabilities-in-extension-wt-gallery-wt-gallery/)