Typo3 · Typo3 Calendar Base · CVE-2009-4158
**Name of the Vulnerable Software and Affected Versions**
TYPO3 Calendar Base (cal) extension versions prior to 1.2.1
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands.
**Recommendations**
For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue.