Ikiwiki : Security Vulnerabilities, CVEs, Published In 2011 (XSS)

CVE-2011-1401

ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences in (1) the default stylesheet or (2) an alternate stylesheet.
Max CVSS
3.5
EPSS Score
0.17%
Published
2011-04-11
Updated
2011-04-20
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close