Component Type: TYPO3 Core
Affected Versions: TYPO3 versions 4.2.0, 4.2.1 and 4.2.2
Vulnerability Type: Cross Site Scripting
Vulnerability: The frontend plugin of system extension "felogin" is susceptible to Cross-Site Scripting.
Solution: Update to TYPO3 version 4.2.3 that fixes the issue described.
Credits: Credits go to Dirk Hoffmann who reported the issue. The TYPO3 Security Team also wishes to thank TYPO3 Core Team members Dmitry Dulepov and Steffen Kamper for fixing the issue.