WikiNi wakka.php Multiple Variable XSS

2006-10-23T06:48:54
ID OSVDB:29931
Type osvdb
Reporter OSVDB
Modified 2006-10-23T06:48:54

Description

Solution Description

Upgrade to version 0.4.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.wikini.net/wakka.php?wiki=WikiNiChangeLog044 Vendor Specific News/Changelog Entry: http://cvs.gna.org/cvsweb/wikini/actions/usersettings.php.diff?r1=1.14.2.1;r2=1.14.2.2;cvsroot=wikini;f=h Security Tracker: 1017116 Secunia Advisory ID:22558 Other Advisory URL: http://zone14.free.fr/advisories/6/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0396.html ISS X-Force ID: 29761 FrSIRT Advisory: ADV-2006-4159 CVE-2006-5516 Bugtraq ID: 20688