CVE-2011-3010

Multiple cross-site scripting XSS vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or 2 the query string to SlideShow.pm in the...

CVE-2015-3634

CVE-2015-3634 affects the WordPress Slideshow plugin (versions 2.2.8–2.2.21). The vulnerability arises in SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX, an AJAX action that can be invoked by unauthenticated users, allowing remote readers to disclose arbitrary WordPress option values. C...

Slideshow 2.2.8-2.2.21 - Option Value Disclosure

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function, accessible by unauthenticated users as an AJAX action, can be abused to force the disclosure of arbitrary Wordpress option values...

TWiki < 5.1.0 'newtopic' Parameter and SlideShowPlugin XSS Vulnerabilities

TWiki is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:twiki:twiki"...

CVE-2011-3010

Multiple cross-site scripting XSS vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or 2 the query string to SlideShow.pm in the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or 2 the query string to SlideShow.pm in the...

CVE-2011-3010

Multiple cross-site scripting XSS vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or 2 the query string to SlideShow.pm in the...

CVE-2011-3010

TWiki is affected by multiple XSS vulnerabilities in versions before 5.1.0. The issues stem from (1) the newtopic parameter in a WebCreateNewTopic action (tied to TWiki.WebCreateNewTopicTemplate) and (2) the query string to SlideShow.pm in the SlideShowPlugin. Affected component/entry: TWiki

TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting

TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting source: https://www.securityfocus.com/bid/49746/info TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execu...