The provided text describes a cross-site scripting (XSS) vulnerability in JamWiki 1.1.5, where user-supplied input is not properly sanitized. The vulnerability can be exploited via the 'num' parameter in the 'Special:AllPages' endpoint.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:JamWiki 1.1.5
No auth needed
Prerequisites:Access to the vulnerable JamWiki instance