Medium severity5.4NVD Advisory· Published Aug 13, 2018· Updated Jun 17, 2026
CVE-2018-14850
CVE-2018-14850
Description
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <18.2, <15.7, <12.14
Patches
Vulnerability mechanics
References
3- sourceforge.net/p/tikiwiki/code/66990nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2018/08/02/1nvdMailing List
- www.openwall.com/lists/oss-security/2018/08/02/2nvdMailing List
News mentions
0No linked articles in our index yet.