710
VMScore

CVE-2015-2793

CVSSv4: NA | CVSSv3: 6.1 | CVSSv2: 4.3 | VMScore: 710 | EPSS: 0.0027 | KEV: Not Included
Published: 21/11/2019 Updated: 21/11/2024

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki prior to 3.20150329 allows remote malicious users to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ikiwiki ikiwiki

fedoraproject fedora 20

fedoraproject fedora 21

fedoraproject fedora 22

Vendor Advisories

Debian Bug report logs - #781483 ikiwiki: CVE-2015-2793: cross-site scripting via openid_identifier Package: ikiwiki; Maintainer for ikiwiki is Simon McVittie <smcv@debianorg>; Source for ikiwiki is src:ikiwiki (PTS, buildd, popcon) Reported by: Simon McVittie <smcv@debianorg> Date: Sun, 29 Mar 2015 21:09:01 UTC S ...