- Home
- CVEs with nessus.description==According to its version number, the instance of TWiki running on the remote host is affected by multiple security vulnerabilities :
- The '%MAKETEXT{}%' variable fails to properly sanitize user-supplied input. A remote attacker can exploit this issue to execute arbitrary shell commands on the remote host subject to the privileges of the web server user.
(CVE-2012-6329)
- The '%MAKETEXT{}%' variable fails to properly sanitize user-supplied input, which can lead to a denial of service) condition if an overly large value is passed to the variable. (CVE-2012-6330)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top