First published: Thu Oct 28 2021(Updated: )
TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tiki Tikiwiki Cms\/groupware | =21.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.