Typo3 · Typo3 Commerce Extension · CVE-2009-4963
**Name of the Vulnerable Software and Affected Versions**
TYPO3 Commerce extension versions prior to 0.9.9
**Description**
The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.
**Recommendations**
For versions prior to 0.9.9, update to version 0.9.9 or later to resolve the issue.