Pukiwiki: Security Vulnerabilities
Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-08-23
Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.013
Published
2022-08-23
Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-08-23
Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in PukiWiki Plus! 1.4.7plus-u2-i18n and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2011-12-22