tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."
References
Configurations
History
21 Nov 2024, 01:44
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/79409 - | |
References | () http://secunia.com/advisories/48102 - Vendor Advisory | |
References | () http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html - Exploit | |
References | () http://www.securityfocus.com/bid/52079 - Exploit | |
References | () http://www.securitytracker.com/id?1026708 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/73403 - |
Information
Published : 2012-10-08 18:55
Updated : 2024-11-21 01:44
NVD link : CVE-2012-5321
Mitre link : CVE-2012-5321
CVE.ORG link : CVE-2012-5321
JSON object : View
Products Affected
tiki
- tikiwiki_cms\/groupware
CWE
CWE-20
Improper Input Validation