PmWiki.Search.XSS

description-logoDescription

A cross-site scripting (XSS) vulnerability in the Search module, in PmWiki up to 2.0.12, allows remote attackers to inject arbitrary web script or HTML via the q parameter.

affected-products-logoAffected Products

PmWiki version 2.0 through 2.0.12

Impact logoImpact

Arbitrary web script or HTML execution.

recomended-action-logoRecommended Actions

Upgrade to PmWiki version 2.0.13 :
http://www.pmwiki.org/pub/pmwiki/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-26 13.458