Tikiwiki · Ikiwiki · CVE-2009-2944
Name of the Vulnerable Software and Affected Versions:
ikiwiki versions prior to 3.1415926
ikiwiki versions 2.x prior to 2.53.4
Description:
The teximg plugin relies on an incomplete blacklist of TeX commands. This allows context-dependent attackers to read arbitrary files via crafted TeX commands.
Recommendations:
For versions prior to 3.1415926, update to version 3.1415926 or later.
For versions 2.x prior to 2.53.4, update to version 2.53.4 or later.