Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki prior to 3.20150329 allows remote malicious users to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ikiwiki ikiwiki |
||
fedoraproject fedora 20 |
||
fedoraproject fedora 21 |
||
fedoraproject fedora 22 |