PT-2018-12760 · Tiki · Tiki
Jonnybradley
·
Publicado
2018-08-13
·
Atualizado
2018-10-10
·
CVE-2018-14849
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Tiki versions prior to 18.2
Tiki versions prior to 15.7
Tiki versions prior to 12.14
Description
The issue is related to cross-site scripting (XSS) via link attributes. It is associated with the files lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
Recommendations
For versions prior to 18.2, update to version 18.2 or later.
For versions prior to 15.7, update to version 15.7 or later.
For versions prior to 12.14, update to version 12.14 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tiki