2 matches found
CVE-2020-16131
Tiki before 21.2 allows XSS because \s/"' is not properly considered in lib/core/TikiFilter/PreventXss.php...
CVE-2020-16131
CVE-2020-16131 affects Tiki Wiki CMS Groupware prior to version 21.2. The root cause is improper handling of characters in PreventXss.php, allowing a cross-site scripting (XSS) condition. Documented impact is client-side code execution via XSS vectors stemming from insufficient escaping of whites...