Security vulnerabilities have been discovered in the third party TYPO3 extension "WEC Discussion Forum" (wec_discussion)

More... (http://news.typo3.org/news/article/security-issues-in-third-party-extension-direct-mail-direct-mail/)