CVE-2012-5321

tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."
Configurations

Configuration 1 (hide)

cpe:2.3:a:tiki:tikiwiki_cms\/groupware:8.3:*:*:*:*:*:*:*

History

21 Nov 2024, 01:44

Type Values Removed Values Added
References () http://osvdb.org/79409 - () http://osvdb.org/79409 -
References () http://secunia.com/advisories/48102 - Vendor Advisory () http://secunia.com/advisories/48102 - Vendor Advisory
References () http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html - Exploit () http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html - Exploit
References () http://www.securityfocus.com/bid/52079 - Exploit () http://www.securityfocus.com/bid/52079 - Exploit
References () http://www.securitytracker.com/id?1026708 - Exploit () http://www.securitytracker.com/id?1026708 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/73403 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/73403 -

Information

Published : 2012-10-08 18:55

Updated : 2024-11-21 01:44


NVD link : CVE-2012-5321

Mitre link : CVE-2012-5321

CVE.ORG link : CVE-2012-5321


JSON object : View

Products Affected

tiki

  • tikiwiki_cms\/groupware
CWE
CWE-20

Improper Input Validation