Drsassafras

**Name of the Vulnerable Software and Affected Versions** Tiki Wiki CMS version 15.2 **Description** A remote attacker could read arbitrary files on a targeted system by using a crafted pathname in a banner URL field. **Recommendations** For Tiki Wiki CMS version 15.2, update to a version that includes a fix for this issue, as using a crafted pathname in the banner URL field could allow a remote attacker to read arbitrary files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.