2 matches found
CVE-2018-14850
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image...
CVE-2018-14850
CVE-2018-14850 affects Tiki Wiki before versions 18.2, 15.7, and 12.14. It is a stored XSS vulnerability where an authenticated user can inject JavaScript that, when an administrator opens a wiki page and hovers over a modified link or thumbnail image, may escalate privileges to administrator. Co...