Описание
tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tikiwiki | removed | package |
EPSS
Процентиль: 37%
0.00157
Низкий
Связанные уязвимости
CVSS3: 5.4
nvd
больше 6 лет назад
tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
CVSS3: 5.4
github
больше 3 лет назад
tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
EPSS
Процентиль: 37%
0.00157
Низкий