CVE-2012-5321

2012-10-0818:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON

tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka “frame injection.”

References

osvdb.org/79409

secunia.com/advisories/48102

st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html

www.securityfocus.com/bid/52079

www.securitytracker.com/id?1026708

exchange.xforce.ibmcloud.com/vulnerabilities/73403