Vulnerability Details CVE-2020-8966
There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows malicious users to cause the injection of malicious code fragments (scripts) into a legitimate web page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- https://sourceforge.net/p/tikiwiki/code/75455
- https://www.incibe-cert.es/en/early-warning/security-advisories/cross-site-scripting-xss-flaws-found-tiki-wiki-cms-software
- https://sourceforge.net/p/tikiwiki/code/75455
- https://www.incibe-cert.es/en/early-warning/security-advisories/cross-site-scripting-xss-flaws-found-tiki-wiki-cms-software
Products affected by CVE-2020-8966
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.6.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.1.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:11.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:11.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.12
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.13
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.14
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:14.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:14.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:17.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:17.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:17.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:18.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:18.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:18.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:18.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:18.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:19.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:19.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:19.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:2.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:20.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.12
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.13
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.7