TikiWiki 'tiki-orphan_pages.php' Cross Site Scripting Vulnerability Network Vulnerability

Summary

TikiWiki is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials. TikiWiki 2.2 through 3.0 beta1 are vulnerable.

Severity

Classification

CVE CVE-2009-1204

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Admidio get_file.php Remote File Disclosure Vulnerability
aeNovo Database Content Disclosure Vulnerability
Apache Struts2/XWork Remote Command Execution Vulnerability
Adobe ColdFusion HTTP Response Splitting Vulnerability
Apache Continuum Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities