CVE-2008-2450

Name of the Vulnerable Software and Affected Versions: TYPO3 Statistics (aka ke stats) extension version 0.1.2 and earlier

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML. The exact vectors used for the injection are not specified.

Recommendations: For TYPO3 Statistics (aka ke stats) extension version 0.1.2 and earlier, update to a version later than 0.1.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.