PT-2006-4291 · Moniwiki · Moniwiki

Kil13R

Published

2006-07-06

Updated

2018-10-18

CVE-2006-3399

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions MoniWiki versions prior to 1.1.2-20060702

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary Javascript via the URL, which is then reflected back in an error message.

Recommendations For versions prior to 1.1.2-20060702, update to version 1.1.2-20060702 or later to resolve the issue. As a temporary workaround, consider restricting access to the wiki.php file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3399

Affected Products

Moniwiki

PT-2006-4291 · Moniwiki · Moniwiki

CVE-2006-3399

Related Identifiers

Affected Products

References · 8