Moderate severityNVD Advisory· Published Nov 6, 2013· Updated Jun 16, 2026
CVE-2013-4714
CVE-2013-4714
Description
Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tikiwiki/tiki-managerPackagist | >= 6.0, < 6.13 | 6.13 |
tikiwiki/tiki-managerPackagist | >= 9.0, < 9.7 | 9.7 |
tikiwiki/tiki-managerPackagist | >= 10.0, < 10.4 | 10.4 |
tikiwiki/tiki-managerPackagist | >= 11.0, < 11.1 | 11.1 |
Affected products
25cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.0:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.0:beta:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.2:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:10.3:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:11.0:beta:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.10:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.11:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.12:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.8:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.9:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.0:alpha:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.0:beta2:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.0:beta:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.0:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.1:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.2:beta1:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.2:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.3:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.4:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.5:-:lts:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:9.6:-:lts:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-h7jc-pg2r-mqj4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-4714ghsaADVISORY
- info.tiki.org/article221-New-Versions-of-all-supported-versions-of-Tiki-Wiki-CMS-GroupwarenvdWEB
- jvn.jp/en/jp/JVN81813850/index.htmlnvdWEB
- jvndb.jvn.jp/jvndb/JVNDB-2013-000099nvdWEB
- tiki.org/article401-New-Versions-of-all-supported-versions-of-Tiki-Wiki-CMS-GroupwareghsaWEB
News mentions
0No linked articles in our index yet.