Описание
Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php, and possibly (2) other vectors in wikka.php.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.6.1 (включая)
cpe:2.3:a:wikkawiki:wikkawiki:*:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01333
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php, and possibly (2) other vectors in wikka.php.
EPSS
Процентиль: 80%
0.01333
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other