PT-2020-7537 · Unknown · Tikiwiki Cms/Groupware
Published
2020-02-12
·
Updated
2020-02-18
·
CVE-2013-6022
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Tiki Wiki CMG Groupware version 11.0
Description:
A Cross-Site Scripting (XSS) issue exists via the
id parameter, specifically with paraZeroClipboard.swf, which could allow a remote malicious user to execute arbitrary code.Recommendations:
For Tiki Wiki CMG Groupware version 11.0, consider disabling the
paraZeroClipboard.swf component to minimize the risk of exploitation until a patch is available.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tikiwiki Cms/Groupware