3 matches found
CVE-2017-14925
Cross-Site Request Forgery CSRF vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to edit global permissions if an administrator opens a wiki page with an IMG element, related to...
CVE-2017-14925
Cross-Site Request Forgery CSRF vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to edit global permissions if an administrator opens a wiki page with an IMG element, related to...
CVE-2017-14925
CVE-2017-14925 affects Tiki Wiki before certain versions (16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, 15 LTS before 15.5 LTS). The vulnerability is a Cross-Site Request Forgery (CSRF) via an IMG element, related to tiki-objectpermissions.php, enabling an authenticated user to edit global per...