3 matches found
CVE-2006-5703
Cross-site scripting XSS vulnerability in tiki-featuredlink.php in Tikiwiki 1.9.5 allows remote attackers to inject arbitrary web script or HTML via a url parameter that evades filtering, as demonstrated by a parameter value containing malformed, nested SCRIPT elements...
CVE-2006-5703
Cross-site scripting XSS vulnerability in tiki-featuredlink.php in Tikiwiki 1.9.5 allows remote attackers to inject arbitrary web script or HTML via a url parameter that evades filtering, as demonstrated by a parameter value containing malformed, nested SCRIPT elements...
CVE-2006-5703
CVE-2006-5703 affects TikiWiki 1.9.5 via tiki-featured_link.php, where an attacker can inject arbitrary script/HTML through a url parameter that bypasses filtering (demonstrated with malformed nested SCRIPT elements). Connected advisories (GLSA 200611-11, Gentoo GLSA, and OpenVAS/Nessus entries) ...