Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-5683
HistoryOct 26, 2007 - 12:00 a.m.

CVE-2007-5683

2007-10-2600:00:00
ubuntu.com
ubuntu.com
5

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.6%

Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki 1.9.8.1 and
earlier allow remote attackers to inject arbitrary web script or HTML via
(1) the username parameter to the password reminder page
(tiki-remind_password.php), (2) IMG tags in wiki pages, and (3) the
local_php parameter to db/tiki-db.php.

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.6%