Unrated severityNVD Advisory· Published Apr 1, 2020· Updated Sep 16, 2024

Cross Site Scripting (XSS) flaws found in Tiki-Wiki CMS software

CVE-2020-8966

Description

There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows malicious users to cause the injection of malicious code fragments (scripts) into a legitimate web page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Tiki/Tikiwiki CMS\/groupwarellm-fuzzy
Range: <=20.0
Tiki/Tiki Wiki CMSv5
Range: through 20.0

Patches

Vulnerability mechanics

References

sourceforge.net/p/tikiwiki/code/75455mitrex_refsource_CONFIRM
www.incibe-cert.es/en/early-warning/security-advisories/cross-site-scripting-xss-flaws-found-tiki-wiki-cms-softwaremitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000