CVE-2006-6163

Tikiwiki Cms/groupware < 1.9.6 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters.

References (2)

[Product] http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4709

Scores

EPSS 0.0034

EPSS Percentile 56.3%

Classification

CWE

CWE-79

Status draft

Affected Products (11)

tiki/tikiwiki_cms\/groupware < 1.9.6

tiki/tikiwiki_cms\/groupware

Timeline

Published Nov 29, 2006

Tracked Since Feb 18, 2026