[pkg-tikiwiki-devel] Bug#404472: CVE-2006-6457 and potential XSS bug
Florian Weimer
fw at deneb.enyo.de
Mon Dec 25 11:37:57 CET 2006
Package: tikiwiki
Severity: important
Tags: security
Could you please investigate if CVE-2006-6457 has been fixed in the
Debian package? Thanks.
In addition, tiki-wiki_rss.php may suffer from an XSS vulnerability
(the affected site claims to run the 1.0 CVS version, though):
http://tikiwiki/tiki-wiki_rss.php?ver=555555555%3Cb%3E22362623
(This is a different vulnerability.)
More information about the pkg-tikiwiki-devel
mailing list