Date: Fri, 16 Feb 2018 18:42:59 +0100 From: chbi@...i.eu To: oss-security@...ts.openwall.com Subject: Re: XSS vulnerability in Tiki < 18 > A XSS vulnerability via SVG image allows an authenticated user to gain > administrator privileges if an administrator opens a wiki page with a > malicious SVG image, related to filegallib.php. > > > Fix: > https://sourceforge.net/p/tikiwiki/code/65327 CVE-2018-7188 has been assigned. -- chbi https://chbi.eu GPG: 3DE9 9187 4BE9 EAE6 3CA8 DC20 BA7B 93F9 9037 AE7E https://chbi.eu/chbi.asc Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ