Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the text parameter to editPage.yaws.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/51276 | |
https://sitewat.ch/Advisory/View/4 | URL Repurposed |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-12-29T11:00:00
Updated: 2012-09-25T09:00:00
Reserved: 2011-12-28T00:00:00
Link: CVE-2011-5025
JSON object: View
NVD Information
Status : Modified
Published: 2011-12-29T11:55:10.250
Modified: 2024-02-14T01:17:43.863
Link: CVE-2011-5025
JSON object: View
Redhat Information
No data.
CWE