CVE-2018-25384 Wikidforum 2.20 Cross-Site Scripting via reply_text Parameter

Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...

WikidForum 跨站脚本漏洞

WikidForum is an open-source web-based forum management system developed by WikidForum. Version 2.20 of WikidForum has a cross-site scripting vulnerability. This vulnerability stems from the use of the replytext parameter to submit specially crafted HTML. As a result, authenticated attackers may...