Tikiwiki Information Disclosure and Cross-Site Scripting Vulnerabilities

Tikiwiki Information Disclosure and Cross-Site Scripting Vulnerabilities

An attacker can exploit these issues via a web client.

The following proofs of concept are available:

/data/vulnerabilities/exploits/20858_xss.html
/data/vulnerabilities/exploits/20858_info_dis.swf