Stored XSS vulnerabilities in Tiki prior to 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tiki tikiwiki cms\\/groupware |