Description

Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Remediation

References

CVE-2006-2840

Related Vulnerabilities

XWiki Other Vulnerability (CVE-2022-41935)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39111)

WordPress Plugin Yoast SEO SQL Injection (1.7.3.3)

WordPress Plugin Persian Woocommerce SMS Cross-Site Scripting (3.3.2)

PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067)

Severity

Medium

Classification

CVE-2006-2840

Tags

Missing Update Known Vulnerabilities