Component Type: System Extension
This Extension is Part of the TYPO3 default installation
Affected Components: Indexed Search
Versions: 2.9.0 under TYPO3 4.x
Vulnerability Type: Cross Site Scripting
Upgrade to TYPO3 4.0.2 or apply the Patch which is provided here: <media 799 - download>indexed search xss patch</media>
Special thanks to Mr. Ekkehard GÃ¼mbel who pointed this one out to us, and to Mr. Ingmar Schlecht, who provided the Patch.