QwikSec

Security Database

CVE

CWE

Training

CVE-2011-5267

Published: Nov 5, 2013

Modified: Sep 16, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) to_p_dict or (2) to_r_list parameter. NOTE: this issue might be related to the htmlarea plugin and CVE-2013-5670.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20130901 Re: CVE request: serendipity before 1.7.3 XSS

mailing-list

x_refsource_MLIST

http://www.autosectools.com/Advisories/WikiWig.5.01_Persistent-Reflected.Cross-site.Scripting_139.html

x_refsource_MISC

[oss-security] 20130901 CVE request: serendipity before 1.7.3 XSS

mailing-list

x_refsource_MLIST

exploit

x_refsource_EXPLOIT-DB

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.