PmWiki.Search.XSS
Description
A cross-site scripting (XSS) vulnerability in the Search module, in PmWiki up to 2.0.12, allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Affected Products
PmWiki version 2.0 through 2.0.12
Impact
Arbitrary web script or HTML execution.
Recommended Actions
Upgrade to PmWiki version 2.0.13 :
http://www.pmwiki.org/pub/pmwiki/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-26 | 13.458 |