Description
Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Affected products
- Tiki / tikiwiki_cms/groupware1.9.1
- Tiki / tikiwiki_cms/groupware1.9.0 – 1.9.0
- Tiki / tikiwiki_cms/groupware1.9.0 – 1.9.0
- Tiki / tikiwiki_cms/groupware1.9.0 – 1.9.0
- Tiki / tikiwiki_cms/groupware1.9.0 – 1.9.0
References
- MISChttp://tikiwiki.org/art118
- MISChttp://sourceforge.net/project/shownotes.php?release_id=364457
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2005/2176
- MISChttp://www.securityfocus.com/bid/15164
- MISChttp://securitytracker.com/id?1015087
- MISChttp://www.gentoo.org/security/en/glsa/glsa-200510-23.xml
- VENDOR_ADVISORYhttp://secunia.com/advisories/17363
- MISChttp://bugs.gentoo.org/show_bug.cgi?id=109858
- VENDOR_ADVISORYhttp://secunia.com/advisories/17279