PT-2024-34668 · Tiki · Tiki
R0Ck3T1973
·
Published
2024-10-28
·
Updated
2025-06-03
·
CVE-2024-51506
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Tiki versions prior to 27.1
Description
The issue allows users with specific permissions to insert a stored XSS payload in the description, potentially leading to security breaches.
Recommendations
For versions prior to 27.1, update to version 27.1 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tiki