CVE-2020-8966

Name of the Vulnerable Software and Affected Versions Tiki-Wiki CMS versions through 20.0

Description The issue is related to an Improper Neutralization of Script-Related HTML Tags in a Web Page, also known as Basic XSS. This allows malicious users to inject malicious code fragments, such as scripts, into a legitimate web page.

Recommendations For versions through 20.0, update to a version that contains a fix for this issue to prevent malicious code injection. As a temporary workaround, consider restricting user input to prevent the injection of malicious scripts until a patch is available.