Package: tikiwiki
Severity: important
Tags: security

>From CVE-2006-4299:
Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in
TikiWiki 1.9.4 allows remote attackers to inject arbitrary web script
or HTML via the highlight parameter.

See http://secunia.com/advisories/21536 for details.

Please mention the CVE-id in the changelog.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to