CVE-2005-4053

Name of the Vulnerable Software and Affected Versions coWiki version 0.3.4

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the q parameter. This can be demonstrated using a specific HTML file.

Recommendations For coWiki version 0.3.4, avoid using the q parameter in affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to the vulnerable parameter to minimize the risk of exploitation.