oss-sec mailing list archives
CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 19 Nov 2010 00:22:40 +0100
See: http://packetstormsecurity.org/files/view/94257/tikiwiki52-lfi.txt http://packetstormsecurity.org/files/view/94256/tikiwiki52-xsrf.txt http://packetstormsecurity.org/files/view/94255/tikiwiki52-xss.txt All fixed in 5.3 and 3.8: http://info.tiki.org/article113-Tiki-Wiki-CMS-Groupware-Releases-5-3-and-3-8-LTS-Security-Patches -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno () hboeck de http://schokokeks.org - professional webhosting
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Hanno Böck (Nov 18)
- Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Josh Bressers (Nov 22)