Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tiki 跨站脚本漏洞
Vulnerability Description
Tiki是Tiki软件社区的一套开源的内容管理和门户应用程序,它可用于创建Web应用程序、门户网站、企业内部网、外联网等。 Tiki 18之前版本中存在跨站脚本漏洞。远程攻击者可借助带有恶意SVG图像的wiki页面利用该漏洞获取管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A