Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-02-19
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-02-19
Updated
2008-09-05
Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence.
Max CVSS
6.8
EPSS Score
1.41%
Published
2008-06-03
Updated
2017-08-08
Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, including passwords, via the (1) preferences and (2) edit forms.
Max CVSS
4.3
EPSS Score
0.22%
Published
2008-04-21
Updated
2017-08-08
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!