Max CVSS | 3.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-14850 | 3.5 |
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
|
10-10-2018 - 15:46 | 13-08-2018 - 17:29 | |
CVE-2018-14849 | 3.5 |
Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
|
10-10-2018 - 15:27 | 13-08-2018 - 17:29 |