MidnightBSD

Advisories for zwiki

CVE-2004-1075 MEDIUM

Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
zwiki zwiki 0.36.2
zwiki zwiki 0.10_rc1