Tiki Wiki CMS XSS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Jul 25, 2023
Description
Published by the National Vulnerability Database
Feb 21, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Jul 25, 2023
Last updated
Jul 25, 2023
Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.
References