Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m), "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch"...

More... (http://news.typo3.org/news/article/security-issues-in-several-third-party-typo3-extensions-including-commerce-and-t3m/)