PT-2013-1481 · Wikiwig+1

Hanno Böck · Published 2013-11-05 · Updated 2013-11-07 · CVE-2011-5267

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Xinha versions prior to the fixed version; WikiWig version 5.01

Description: The issue is related to multiple cross-site scripting (XSS) vulnerabilities in the SpellChecker module. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the to_p_dict or to_r_list parameters in the spell-check-savedicts.php file.

Recommendations: For Xinha, update to a version that includes the fix for this issue. For WikiWig version 5.01, consider disabling the SpellChecker module until a patch is available. As a temporary workaround, restrict access to the spell-check-savedicts.php file to minimize the risk of exploitation. Avoid using the to_p_dict and to_r_list parameters in the affected module until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2011-5267

Affected Products

Wikiwig
Xinha