15 matches found
CVE-2024-51509
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" aka tiki-adminmodules.php stored XSS payload in the Name...
CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name...
CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index...
CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name...
CVE-2024-51509
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" aka tiki-adminmodules.php stored XSS payload in the Name...
CVE-2024-51506
Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description...
CVE-2024-51509
CVE-2024-51509 affects Tiki Wiki CMS Groupware up to version 27.0. Vulnerability: users with certain permissions can insert a stored XSS payload in the Name field of Modules (tiki-admin_modules.php). Impact is injection of a stored XSS payload as described in multiple sources; no explicit remedia...
CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name...
CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index...
CVE-2024-51509
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" aka tiki-adminmodules.php stored XSS payload in the Name...
CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index...
CVE-2024-51506
Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description...
CVE-2024-51507
Tiki Wiki CMS Groupware
CVE-2024-51508
Affected product: Tiki Wiki CMS Groupware
CVE-2024-51506
CVE-2024-51506 affects Tiki Wiki CMS Groupware prior to 27.1. Multiple XSS vulnerabilities exist where a user with certain permissions can insert a stored XSS payload into the description of a newly created Wiki page. Publicly disclosed references from Red Hat and OpenVAS corroborate a stored XSS...