tinymighty/wiki-seo is vulnerable to Cross-Site Scripting (XSS). The vulnerability exist in the Meta Property Tag Handler
parameter of WikiSEO.body.php
due to the lack of validation in the html elements when adding a user which allows an attacker to inject and execute malicious JavaScript.
CPE | Name | Operator | Version |
---|---|---|---|
tinymighty/wiki-seo | le | 1.2.1 | |
tinymighty/wiki-seo | le | 1.2.1 |