Back to search
CVE-2011-3010
Published: Sep 30, 2011
Modified: Sep 17, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5
x_refsource_MISC
75674
vdb-entry
x_refsource_OSVDB
1026091
vdb-entry
x_refsource_SECTRACK
46123
third-party-advisory
x_refsource_SECUNIA
http://develop.twiki.org/trac/changeset/21920
x_refsource_CONFIRM
49746
vdb-entry
x_refsource_BID
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010
x_refsource_CONFIRM
20110922 XSS Vulnerabilities in TWiki < 5.1.0
mailing-list
x_refsource_BUGTRAQ
75673
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now