CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
52.9%
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application
in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML
via (1) the tag parameter to editTag.yaws, (2) the index parameter to
showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the
text parameter to editPage.yaws.