CVE-2005-3283

Tikiwiki Cms/groupware < 1.9.1 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

References (9)

[Patch] http://securitytracker.com/id?1015087

[Patch] http://sourceforge.net/project/shownotes.php?release_id=364457

[Various Sources] http://tikiwiki.org/art118

[Issue Tracking] http://bugs.gentoo.org/show_bug.cgi?id=109858

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200510-23.xml

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15164

[Third Party Advisory] http://secunia.com/advisories/17279

[Third Party Advisory] http://secunia.com/advisories/17363

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2176

Scores

EPSS 0.0088

EPSS Percentile 75.1%

Classification

CWE

CWE-79

Status draft

Affected Products (5)

tiki/tikiwiki_cms\/groupware < 1.9.1

tiki/tikiwiki_cms\/groupware

Timeline

Published Oct 23, 2005

Tracked Since Feb 18, 2026