CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-36551
https://notcve.org/view.php?id=CVE-2021-36551
TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module. Se ha detectado que TikiWiki versión v21.4 contiene una vulnerabilidad de tipo cross-site scripting (XSS) en el componente tiki-calendar.php. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada en el módulo Add Event • https://github.com/r0ck3t1973/xss_payload/issues/7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-36550
https://notcve.org/view.php?id=CVE-2021-36550
TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Create category module. Se ha detectado que TikiWiki versión v21.4 contiene una vulnerabilidad de tipo cross-site scripting (XSS) en el componente tiki-browse_categories.php. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada en el módulo Create category • https://github.com/r0ck3t1973/xss_payload/issues/6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •