Description
Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4402)
Magento Session Fixation Vulnerability (CVE-2019-7849)
Oracle Database Server CVE-2013-3789 Vulnerability (CVE-2013-3789)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-3981)