Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker"...

More... (http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-cooluri-cwt-resetbepassword-data/)