CVE-2006-7050 Information
Description
Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php and possibly (2) other vectors in wikka.php.
Reference
http://secunia.com/advisories/20628 http://wikkawiki.org/WikkaReleaseNotes http://wush.net/trac/wikka/changeset/47 http://wush.net/trac/wikka/ticket/142 http://www.securityfocus.com/bid/18481 http://www.vupen.com/english/advisories/2006/2381 https://exchange.xforce.ibmcloud.com/vulnerabilities/27227 wikkawiki-url-xss(27227) Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php and possibly (2) other vectors in wikka.php.
Share on: