BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
TikiWiki 2.2 XSS Vulnerability in URI Mar 12 2009 08:54AM
iliz-z yandex rui
Application: TikiWiki
Version: 2.2 (latest)
Website: www.tikiwiki.org

Bug: Active XSS in URI

Exploitation: Remote
Date: 12 Mar 2009

Discovered by: iliz
Author: iliz
Contact: e-mail: iliz-z(at)yandex(dot)ru

Bug Description:
TikiWiki version 2.2 and later uses URI in html response body and fails t...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus