Unrated severityNVD Advisory· Published Feb 24, 2007· Updated Apr 23, 2026

CVE-2006-7050

Description

Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php, and possibly (2) other vectors in wikka.php.

Affected products

Wikkawiki/Wikkawiki
cpe:2.3:a:wikkawiki:wikkawiki:*:*:*:*:*:*:*:*
Range: <=1.1.6.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20628nvdPatch
wikkawiki.org/WikkaReleaseNotesnvd
wush.net/trac/wikka/changeset/47nvd
wush.net/trac/wikka/ticket/142nvd
www.securityfocus.com/bid/18481nvd
www.vupen.com/english/advisories/2006/2381nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27227nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000