CVSS: 4.3EPSS: 0%CPEs: 24EXPL: 1CVE-2011-4551 – Tiki Wiki CMS Groupware 8.1 - 'show_errors' HTML Injection
https://notcve.org/view.php?id=CVE-2011-4551
Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en tiki-cookie-jar.php en TikiWiki CMS/Groupware, antes de v8.2 y LTS antes de v6.5, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de parámetros de su elección. Tiki Wiki CMS Groupware versions 8.1 and 6.4 LTS suffer from a stored cross site scripting vulnerability. • https://www.exploit-db.com/exploits/36470 http://info.tiki.org/article183-Tiki-Wiki-CMS-Groupware-8-2-and-6-5LTS-Security-Patches-Available http://secunia.com/advisories/47278 http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-07.txt http://www.osvdb.org/77966 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •