{"vuid":"VU#450646","idnumber":"450646","name":"Tiki Wiki CMS Groupware version 11.0 contains a cross-site scripting (XSS) vulnerability","keywords":["Tiki Wiki","CMS","XSS","cross-site scripting","CWE-79"],"overview":"Tiki Wiki CMS Groupware version 11.0 and possibly earlier versions contain a cross-site scripting (XSS) vulnerability (CWE-79).","clean_desc":"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Tiki Wiki CMS Groupware version 11.0 and possibly earlier versions contain a cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script via the vulnerable query string parameter id of the ZeroClipboard.swf file. For example: http://www.example.com/tiki/files/ZeroClipboard.swf?id=\\\"))}catch(e{alert(document.domain);}//&width&height","impact":"A remote attacker may be able to execute arbitrary script in the context of the end-user's browser session.","resolution":"Apply an Update. Please refer to the Tiki blog post for instructions on which patch is appropriate for your version of Tiki Wiki CMS Groupware.","workarounds":"","sysaffected":"","thanks":"Thanks to Nikhil Kumar Srivastava from Techdefence Labs and Jinen Patel for reporting this vulnerability.","author":"This document was written by Adam Rauf.","public":["http://cwe.mitre.org/data/definitions/79.html","http://info.tiki.org/Download","http://info.tiki.org/article221-New-Versions-of-all-supported-versions-of-Tiki-Wiki-CMS-Groupware"],"cveids":["CVE-2013-6022"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-10-14T19:34:44Z","publicdate":"2013-10-31T00:00:00Z","datefirstpublished":"2013-10-31T19:07:19Z","dateupdated":"2013-10-31T19:07:20Z","revision":21,"vrda_d1_directreport":"1","vrda_d1_population":"1","vrda_d1_impact":"2","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"6.4","cvss_basevector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","cvss_temporalscore":"5.8","cvss_environmentalscore":"1.5","cvss_environmentalvector":"CDP:ND/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}