Vulnerabilities > Tiki > Tikiwiki CMS Groupware > 17.2

DATE CVE VULNERABILITY TITLE RISK
2020-04-01 CVE-2020-8966 Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware
There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware.
network
low complexity
tiki CWE-79
6.1
6.1
2018-02-16 CVE-2018-7188 Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware
An XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
network
low complexity
tiki CWE-79
5.4
5.4