Vulnerabilities > Jamwiki

DATE CVE VULNERABILITY TITLE RISK
2011-11-23 CVE-2010-5054 Cross-Site Scripting vulnerability in Jamwiki
Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki before 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
network
jamwiki CWE-79
4.3
2007-01-09 CVE-2007-0131 Authentication Bypass vulnerability in JamWiki Topics Relocation
JAMWiki before 0.5.0 does not properly check permissions during moves of "read-only or admin-only topics," which allows remote attackers to make unauthorized changes to the wiki.
network
low complexity
jamwiki
7.5