Cross site scripting

2018-02-2120:29:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.9%

Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.

CPENameOperatorVersion
tikieq17.1

CPE	Name	Operator	Version
	tiki	eq	17.1

References

websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html