Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-28	CVE-2021-36550	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 21.4 TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. network low complexity tiki CWE-79	5.4
2021-10-28	CVE-2021-36551	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 21.4 TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. network low complexity tiki CWE-79	5.4
2020-04-01	CVE-2020-8966	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. network low complexity tiki CWE-79	6.1
2020-02-12	CVE-2013-6022	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code. network low complexity tiki CWE-79	6.1
2020-01-15	CVE-2011-4336	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php. network low complexity tiki CWE-79	6.1
2019-10-28	CVE-2010-4240	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 5.2 Tiki Wiki CMS Groupware 5.2 has XSS network low complexity tiki CWE-79	6.1
2019-08-22	CVE-2019-15314	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 18.4 tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI. network low complexity tiki CWE-79	5.4
2018-08-13	CVE-2018-14850	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image. network low complexity tiki CWE-79	5.4
2018-08-13	CVE-2018-14849	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php. network low complexity tiki CWE-79	5.4
2018-03-09	CVE-2018-7290	Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, and 18.1. network low complexity tiki CWE-79	5.4