Tiki · Tiki Wiki Cms · CVE-2020-8966
**Name of the Vulnerable Software and Affected Versions**
Tiki-Wiki CMS versions through 20.0
**Description**
The issue is related to an Improper Neutralization of Script-Related HTML Tags in a Web Page, also known as Basic XSS. This allows malicious users to inject malicious code fragments, such as scripts, into a legitimate web page.
**Recommendations**
For versions through 20.0, update to a version that contains a fix for this issue to prevent malicious code injection.
As a temporary workaround, consider restricting user input to prevent the injection of malicious scripts until a patch is available.