Twiki » Twiki » 4.0.0 : Security Vulnerabilities, CVEs, Published In 2011 (XSS)

cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*

CVE-2011-3010

Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
Max CVSS
4.3
EPSS Score
0.79%
Published
2011-09-30
Updated
2012-05-18

CVE-2011-1838

Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
Max CVSS
4.3
EPSS Score
1.12%
Published
2011-05-20
Updated
2018-10-09
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close