ID de Prueba:	1.3.6.1.4.1.25623.1.0.800266
Categoría:	Web application abuses
Título:	Tiki Wiki CMS Groupware < 2.4 Multiple XSS Vulnerabilities
Resumen:	Tiki Wiki CMS Groupware is prone to multiple cross-site; scripting (XSS) vulnerabilities.
Descripción:	Summary: Tiki Wiki CMS Groupware is prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: Multiple flaws are due to improper sanitization of user supplied input in the pages i.e. 'tiki-orphan_pages.php', 'tiki-listpages.php', 'tiki-list_file_gallery.php' and 'tiki-galleries.php' which lets the attacker conduct XSS attacks inside the context of the web application. Vulnerability Impact: Successful exploitation will allow remote attackers to inject arbitrary HTML codes in the context of the affected web application. Affected Software/OS: Tiki Wiki CMS Groupware version 2.3 and prior. Solution: Update to version 2.4 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1204 BugTraq ID: 34105 http://www.securityfocus.com/bid/34105 BugTraq ID: 34106 http://www.securityfocus.com/bid/34106 BugTraq ID: 34107 http://www.securityfocus.com/bid/34107 BugTraq ID: 34108 http://www.securityfocus.com/bid/34108 Bugtraq: 20090312 TikiWiki 2.2 XSS Vulnerability in URI (Google Search) http://www.securityfocus.com/archive/1/501702/100/0/threaded http://secunia.com/advisories/34273
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.