CVE-2011-4551
TikiWiki CMS/Groupware < 8.1 - Cross-Site Scripting via tiki-cookie-jar.php Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-4551. PoCs published by Stefan Schurtz.
AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in Tiki Wiki CMS Groupware, where user-supplied input is not properly sanitized, allowing attacker-supplied HTML and script code to execute in the context of the affected browser.
Description
Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters.
Exploits (1)
This exploit demonstrates an HTML injection vulnerability in Tiki Wiki CMS Groupware, where user-supplied input is not properly sanitized, allowing attacker-supplied HTML and script code to execute in the context of the affected browser.