Cross-site scripting (XSS) vulnerability in the Frontend Login Box (aka felogin) subcomponent in TYPO3 4.2.0 through 4.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.Referenceshttp://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/http://secunia.com/advisories/37122http://marc.info/?l=oss-security&m=125633199111438&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/53926http://marc.info/?l=oss-security&m=125632856206736&w=2http://www.vupen.com/english/advisories/2009/3009http://www.securityfocus.com/bid/36801
