Cross site scripting

2006-03-2311:06:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.0%

JSON

Cross-site scripting (XSS) vulnerability in OSWiki before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the username field to (1) list.rhtml or (2) show.rhtml.

CPENameOperatorVersion
oswikile0.3

CPE	Name	Operator	Version
	oswiki	le	0.3

References

secunia.com/advisories/19290

svn.sourceforge.net/viewcvs.cgi/opensourcewiki/branches/0.3/oswiki/app/views/user/list.rhtml?view=log

www.securityfocus.com/bid/17189

www.vupen.com/english/advisories/2006/1035

exchange.xforce.ibmcloud.com/vulnerabilities/25410